Tag Archives: NIST

Taking the Fifth …

– “The Fifth Domain” is a recent book by Richard A. Clarke and Robert K. Knake. It is about cybersecurity and how it has become the fifth military domain following land, sea, air and space. Except that it isn’t really, n’est-ce pas? While intellectually one can imagine a fifth domain, it’s…

Did NIST Plagiarize My Security-Privacy Venn Diagram?

– .. or did I copy theirs? Or did someone else come up with it before either of us did? Nowadays, it’s really hard, if not impossible, to determine which came first. All I know is that the Venn diagram, which shows the intersection between privacy and security, and which is Figure 1 in my article…

Ron Ross and a “New” Approach to Cybersecurity

– No sooner had I finished my latest “Are We Secure?” piece than I read an August 23, 2016 article on Fedscoop by Shaun Waterman with the title “New Approach Needed to IT, Says NIST’s Top Cyber Scientist,” which you can find at…

Missed by NIST

– NIST (The National Institute of Standards and Technology) issued for comments a “Discussion Draft of the Preliminary Cybersecurity Framework” on August 28, 2013, available at www.nist.gov/itl/cyberframework.cfm The draft document is the result of the Presidential Executive Order (EO) on…

Risk Mismanagement – Scoring vs. Monte Carlo vs. Scoring

– I finally got to read Douglas Hubbard’s book “The Failure of Risk Management: Why It’s Broken and How to Fix It” (Wiley, 2009). As I have written in other columns about Hubbard’s prior book “How to Measure Anything: Finding the Value of Intangibles in Business” (Wiley, 2007; Second…