fbpx

Download free GDPR compliance checklist!

Tag Archives for " NIST "

NIST Study Evaluates Algorithmic Bias

A new NIST study examines how accurately face recognition software tools identify people of varied sex, age and racial background.

Results captured in the report, Face Recognition Vendor Test (FRVT) Part 3: Demographic Effects (NISTIR 8280), are intended to inform policymakers and to help software developers better understand the performance of their algorithms. Face recognition technology has inspired public debate in part because of the need to understand the effect of demographics on face recognition algorithms.

Source: NIST Study Evaluates Effects of Race, Age, Sex on Face Recognition Software | NIST

NIST Releases Draft Privacy Framework

On September 6, 2019, the National Institute of Standards and Technology (NIST) released a preliminary draft of its Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management.

Created in collaboration with private and public stakeholders, the voluntary Privacy Framework is intended to help organizations build and develop privacy foundations by integrating privacy considerations with their broader enterprise risk portfolio.

Source: NIST Releases Draft Privacy Framework

NIST’s Privacy Framework Starts to Take Shape

The Privacy Framework is being developed to be risk-based/outcome-based and non-prescriptive, unlike the GDPR.

The National Institute of Standards and Technology has plans to help companies address data privacy with the development of a Privacy Framework, which is due to be finalized by October. So far it has emerged as a modular, volunteer enterprise risk-management tool, meant to help companies protect consumer privacy while protecting business imperatives.

Source: RSA Conference 2019: NIST’s Privacy Framework Starts to Take Shape | Threatpost

This little-known facial-recognition accuracy test has big influence

The closely watched NIST results released last November concluded that the entire industry has improved not just incrementally, but “massively.” It showed that at least 28 developers’ algorithms now outperform the most accurate algorithm from late 2013, and just 0.2 percent of all searches by all algorithms tested failed in 2018, compared with a 4 percent failure rate in 2014 and 5 percent rate in 2010.

Full article: This little-known facial-recognition accuracy test has big influence

We Need to Talk About NIST’s New Password Management Recommendations

Recently, the National Institute of Standards and Technology (NIST) reversed its stance on organizational password management requirements. The institute now recommends banishing forced periodic password changes and getting rid of complexity requirements.

Full article: We Need to Talk About NIST’s New Password Management Recommendations

NIST launches development of a privacy framework

On Tuesday, the U.S. National Institute of Standards and Technology initiated its process for the development of a privacy framework. The framework is intended to be a collaborative effort with public and private sectors to help organizations “better identify, assess, manage, and communicate privacy risks; foster the development of innovative approaches to protecting individuals’ privacy; and increase trust in products and services.”

Source: NIST launches development of a privacy framework

NIST updates its Risk Management Framework

US National Institute of Standards and Technology (NIST) has published draft update to its Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy. The update to NIST Special Publication 800-37 (Revision 2) responds to the call by the Defense Science Board, Executive Order 13800, and OMB Memorandum M-17-25 to develop the next-generation Risk Management Framework (RMF) for information systems, organizations, and individuals. A public comment period for this draft document is open until June 22, 2018.

Source: SP 800-37 Rev. 2 (DRAFT), RMF: A System Life Cycle Approach for Security and Privacy | CSRC

NIST Updates Risk Management Framework to Incorporate Privacy Considerations

Augmenting its efforts to protect the nation’s critical assets from cybersecurity threats as well as protect individuals’ privacy, the National Institute of Standards and Technology (NIST) has issued a draft update to its Risk Management Framework (RMF) to help organizations more easily meet these goals.

Source: NIST Updates Risk Management Framework to Incorporate Privacy Considerations | NIST

NIST challenge targets better de-identification techniques for public data

One barrier to opening up valuable government datasets is making sure that all necessary personally identifiable information (PII) is removed beforehand — a process called de-identification. It’s a balancing act intended to protect individuals’ privacy while maintaining the integrity of the data.

he National Institutes of Standards and Technology (NIST) says existing de-identification techniques aren’t good enough, however, and in a new challenge on Challenge.gov, the agency asking for ways to improve them.

Source: NIST challenge targets better de-identification techniques for public data – Fedscoop

NIST releases latest version of its Cybersecurity Framework

On April 16, 2018, the National Institute of Standards and Technology (NIST) unveiled Version 1.1 of its widely known Cybersecurity Framework, which incorporates changes based on feedback collected through comments, questions, and workshops held in 2016 and 2017.

The Cybersecurity Framework aims to focus on industries vital to national and economic security, including energy, banking, communications, and defense, and provides a universal structure that can be tailored to varied methods of cybersecurity by compiling effective standards, guidelines, and practices into one framework.

Source: NIST releases latest version of its Cybersecurity Framework

>