Supply Chain Risk Management (SCRM) plays a crucial role in safeguarding the integrity and security of supply chains within the Federal government. With increasing reliance on technology, there is a…

Learn More

The Risk Management Framework (RMF) is an integral component of information security management, primarily associated with NIST’s SP 800-37 guide, as a part of the broader E-Government Act of 2002,…

Learn More

Increasing cyber-attacks necessitates security improvement and vulnerability reductions to minimize the threats and provide continued government operations. This paper explores cyber risks in the software development process. It also looks…

Learn More

Over the last decade public sector agencies have expanded their risk management practices, yet they have not kept pace with the global risk landscape, which now entails a wider range…

Learn More

“10Cs: A Framework for Impact Reduction of Climate Change on Children” by Romex K Jha is an insightful white paper that presents a comprehensive approach to mitigate the impacts of…

Learn More

In January leaders of global enterprises and governments met again in Davos Switzerland to evaluate the risks facing the world. This is the largest gathering of economic, industry, social, risk…

Learn More

As directed by the National Artificial Intelligence Initiative Act of 2020 (P.L. 116-283), the goal of the Artificial Intelligence Risk Management Framework (AI RMF) is to offer a resource to…

Learn More

This publication describes a basis for establishing principles, concepts, activities, and tasks for engineering trustworthy secure systems. The intent of this publication is to advance systems engineering in developing trustworthy…

Learn More

Early detection of insider risk is a critical component to develop a proactive cybersecurity posture. Continuous vetting is key to a healthy workforce and efficient operations, but agencies often face…

Learn More

The year of 2022 is a compounding of risk unique in our human existence. Not only are risk more costly, but the events occur in multiples which increase the impact…

Learn More

Compounding risk in 2022 is unique to our human existence. Not only is risk more costly, but events occur in multiples and overlapping which increased the impact and cost. Disruption…

Learn More

Mobile network operators provide cell services with a vast deployment of antennas and radios on cell towers connected to base station equipment. The base station equipment converts the wireless signals…

Learn More

This document is the third in a series that supplements NIST Interagency/Internal Report (NISTIR) 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM). This series provides additional details regarding the enterprise…

Learn More

The climate crisis poses a serious threat to the United States economy and human welfare, with a narrowing timeframe to invest in opportunities to avoid the most catastrophic impacts. Extreme…

Learn More

With the threat of ransomware growing, this “quick start guide” will help organizations use the National Institute of Standards and Technology (NIST) Ransomware Risk Management: A Cybersecurity Framework Profile to…

Learn More