Sun. Nov 27th, 2022
    en flag
    nl flag
    et flag
    fi flag
    fr flag
    de flag
    he flag
    ja flag
    lv flag
    pl flag
    pt flag
    es flag
    uk flag

    Content Assessment:

    Information - 90%
    Insight - 88%
    Relevance - 89%
    Objectivity - 91%
    Authority - 92%

    90%

    Excellent

    A short percentage-based assessment of the qualitative benefit of the 2021 Annual Cybersecurity and Privacy Report from the National Institute of Standards and Technology (NIST).

    Background Note: The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL’s responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of other than national security-related information in federal information systems. The 2021 Cybersecurity and Privacy Annual Report provides the opportunity to describe the many cybersecurity program highlights and accomplishments from throughout the NIST Information Technology Laboratory (ITL). The report may be beneficial for cybersecurity, information governance, and legal discovery professionals seeking to better understand current challenges and considerations in the areas of cybersecurity and privacy.


    NIST Special Publication*

    2021 Cybersecurity and Privacy Annual Report

    By Patrick O’Reilly, Kristina Rigopoulos, Larry Feldman, and Greg Witte

    Report Abstract

    During Fiscal Year 2021 (FY 2021) – from October 1, 2020, through September 30, 2021 – the NIST Information Technology Laboratory (ITL) Cybersecurity and Privacy Program successfully responded to numerous challenges and opportunities in security and privacy. This annual report highlights the FY 2021 research agenda and activities for the ITL Cybersecurity and Privacy Program, including the ongoing participation and development of international standards; the enhancement of privacy and security risk management models, including those for the protection of controlled unclassified information (CUI), systems engineering and cyber resiliency, supply chains, and mobile technologies; the continued advancement of cryptographic technologies, including updates to Federal Information Processing Standard (FIPS) Publication 140-3, Security Requirements for Cryptographic Modules, and preparation for post-quantum cryptographic methods; and improved infrastructure protection in areas such as zero trust architectures and advanced networking security. NIST maintained a strong focus on supporting small and medium-sized businesses (SMBs), including updates to the Small Business Cybersecurity Corner website to make resources easier to find and use and drawing on contributed cybersecurity resources and feedback received from federal partners and the public.

    Read the original announcement.

    Report Foreward (Kevin Stine, NIST Chief Cybersecurity Advisor)

    Pablo Picasso famously said, “action is the foundational key to success”. At the National Institute of Standards and Technology (NIST), we have been a part of the action in the cybersecurity world since the very beginning, and this year is a big one for us. We are celebrating a major milestone as we hit 50 years of cybersecurity at NIST. For 50 years, NIST—formerly the National Bureau of Standards (NBS), until 1988—has conducted research and developed guidance that has led to extraordinary advancements in cybersecurity.

    We take pride in our rich history and work to honor the tradition of fostering an open, transparent, and collaborative environment where we cultivate trust in technology. Our dynamic projects are of global importance because they help advance technology, cybersecurity and privacy standards and guidelines, and measurement science for all of us. We value success, and all the learning and collaboration that comes along with it.

    This annual report is organized into eight key areas: cryptographic standards and validation, cybersecurity measurement, education and workforce, identity and access management, privacy engineering, risk management, trustworthy networks, and trustworthy platforms. This past year, NIST conducted research and demonstrated practical applications in several key priority areas, including post quantum cryptography (PQC), cybersecurity in supply chains—which was included in an Executive Order from the President in 2021—zero trust, and control systems cybersecurity. We also initiated research in some new areas, including exploring the cybersecurity of genomics data.

    We have a lot planned for 2022 as we help organizations better manage risk (for example, we are launching an update process for the Cybersecurity Framework and reviewing a host of other NIST frameworks and guidance documents with an eye on improving their alignment). We have also made selections of finalists and alternate candidates to be considered for PQC standardization. Stay tuned for updates to our foundational digital identity guidelines and for information on some of our new projects related to cybersecurity workforce and privacy (and be on the lookout for a Workforce Framework). We also will unveil a new tool that will make it simpler and quicker for users of NIST cybersecurity and privacy products to navigate content across NIST resources.

    While Picasso was famous for a completely different form of art, cybersecurity and privacy is our ‘art’—and our science—and we are ready for 50 more years of innovation, collaboration, and action.


    Read the Complete Report: NIST Special Publication – Fiscal Year 2021 Cybersecurity and Privacy Annual Report (PDF) – Mouseover to Scroll

    NIST.SP.800-220

    Read the original publication.


    *Shared with permission.

    Reference: O’Reilly PD, II, Rigopoulos KG, Feldman L, Witte GA (2022) Fiscal Year 2021 Cybersecurity and Privacy Annual Report. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) NIST SP 800-220. https://doi.org/10.6028/NIST.SP.800-220.

    Additional Reading

    Source: ComplexDiscovery

     

    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    Stricter Supervisory and Enforcement Measures? European Parliament Adopts New Cybersecurity Law

    According to European Member of Parliament (MEP) Bart Groothuis, “Ransomware and...

    Geopolitical Shakedowns? The Annual ENISA Threat Landscape Report – 10th Edition

    According to EU Agency for Cybersecurity Executive Director Juhan Lepassaar, “Today's...

    Cryptographically Secure? The Threat of Side-Channel Analysis

    Side-channel analysis has become a widely recognized threat in the last...

    Red Storm Rising? Data Breaches Rise Globally in Q3 2022

    “It’s concerning to see data breaches rising again after a comparatively...

    A Magnet for Revenue? Magnet Forensics Announces 2022 Third Quarter Results

    According to Adam Belsher, Magnet Forensics' CEO, "Our solutions address the...

    Progress and Opportunity? Cellebrite Announces Third Quarter 2022 Results

    “We are pleased to report a solid third quarter, delivering strong...

    Changing of the Guard? Relativity Welcomes New CEO

    "Relativity is a rare company with both exceptional industry leadership and...

    Fueling Continued Growth? Renovus Capital Acquires Advisory Business from HBR Consulting

    "The legal industry remains in the early stages of digital and...

    An eDiscovery Market Size Mashup: 2022-2027 Worldwide Software and Services Overview

    From retraction to resurgence and acceleration, the worldwide market for eDiscovery...

    On the Move? 2022 eDiscovery Market Kinetics: Five Areas of Interest

    Recently ComplexDiscovery was provided an opportunity to share with the eDiscovery...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    Five Great Reads on Cyber, Data, and Legal Discovery for November 2022

    From cyber shakedowns and threats to the total cost of eDiscovery...

    Five Great Reads on Cyber, Data, and Legal Discovery for October 2022

    From cyber claims and data privacy to corporate litigation and the...

    Five Great Reads on Cyber, Data, and Legal Discovery for September 2022

    From privacy legislation and special masters to acquisitions and investigations, the...

    Five Great Reads on Cyber, Data, and Legal Discovery for August 2022

    From AI and Big Data challenges to intriguing financial and investment...

    In The House? The Fall 2022 eDiscovery Total Cost of Ownership Survey – Final Results

    Today CompexDiscovery shares the results of a new business survey focused...

    Cold Front Concerns? Eighteen Observations on eDiscovery Business Confidence in the Fall of 2022

    In the fall of 2022, 49.0% of survey respondents felt that...

    Stereotyping Data? Issues Impacting eDiscovery Business Performance: A Fall 2022 Overview

    In the fall of 2022, 28.0% of respondents viewed increasing types...

    Bubble Trouble? eDiscovery Operational Metrics in the Fall of 2022

    In the fall of 2022, 89 eDiscovery Business Confidence Survey participants...

    Digging Out and Digging In? Ukraine Conflict Assessments in Maps (November 14-20, 2022)

    According to a recent update from the Institute for the Study...

    A Liberating Momentum? Ukraine Conflict Assessments in Maps (November 7-13, 2022)

    According to a recent update from the Institute for the Study...

    Rhetoric or Reality? Ukraine Conflict Assessments in Maps (November 1-6, 2022)

    According to a recent update from the Institute for the Study...

    Targeting Infrastructure? Ukraine Conflict Assessments in Maps (October 27 – 31, 2022)

    According to a recent update from the Institute for the Study...