Geek-Guy.com

Tag: Standards

AI, Cybersecurity, Global Security News

How NIST fumbled management of the National Vulnerability Database

A US federal watchdog has outlined how the National Institute of Standards and Technology (NIST) failed to effectively manage the growing backlog of unprocessed cybersecurity vulnerabilities in the National Vulnerability Database (NVD). How the NVD crisis unfolded The NVD was established in 2005 and serves as a central repository for cybersecurity vulnerability data. When security…

Read more →

Global Security News, Risk Management

PCI SSC Publishes PCI PTS HSM v5.0

The PCI Security Standards Council (PCI SSC) has published a major revision to the PCI PIN Transaction Security (PTS) Hardware Security Module (HSM) Modular Security Requirements from version 4.0 to version 5.0. This update represents a significant evolution in HSM security, addressing modern cryptographic practices, cloud and multi-tenant deployments, and emerging threats such as post-quantum…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

US government agency to safety test frontier AI models before release

The Center for AI Standards and Innovation (CAISI), a division of the US Department of Commerce, has signed agreements with Google DeepMind, Microsoft, and xAI that would give the agency the ability to vet AI models from these organizations and others prior to their being made publicly available. According to a release from CAISI, which…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security, Risk Management

US government agency to safety test frontier AI models before release

The Center for AI Standards and Innovation (CAISI), a division of the US Department of Commerce, has signed agreements with Google DeepMind, Microsoft, and xAI that would give the agency the ability to vet AI models from these organizations and others prior to their being made publicly available. According to a release from CAISI, which…

Read more →

AI, Global Security News

The AI Exchange: Innovators in Payment Security Featuring Dreamplug Technologies Private Limited (CRED)

Welcome to the PCI Security Standards Council’s blog series, The AI Exchange: Innovators in Payment Security. This special, ongoing feature of our PCI Perspectives blog offers a resource for payment security industry stakeholders to exchange information about how they are adopting and implementing artificial intelligence (AI) into their organizations.  

Read more →

AI, Global Security News

PCI SSC Launches Enhanced Language Microsites for Global Audience

  The PCI Security Standards Council (PCI SSC) has announced the launch of newly redesigned language microsites, delivering a more accessible, structured, and user-friendly experience for global stakeholders. These updates mark a significant step forward in making PCI resources more readily available to non-English-speaking audiences by providing a consistent user experience across languages. 

Read more →

AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management

NIST Scales Back Vulnerability Scoring in 2026 as CVE Volume Surges

The National Institute of Standards and Technology (NIST) is narrowing how it analyzes and scores software vulnerabilities, citing a sharp increase in submissions that has made it difficult to keep pace.  “For years, security teams relied on NVD for vulnerability context to support prioritization decisions. But that model is under real strain,” said Ian Gray,…

Read more →

AI, Cybersecurity, Global Security News

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. “CVEs that do not meet those criteria will still be…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Government & Policy

NIST cuts down CVE analysis amid vulnerability overload

Overwhelmed by an escalating volume of security flaws, the National Institute of Standards and Technology (NIST) has announced significant changes to how it handles cybersecurity vulnerabilities and exposures (CVEs). Rather than commit to providing enrichment for all entries in its National Vulnerability Database (NVD), the agency will focus on just the most critical CVEs, which…

Read more →

Cybersecurity, Europe, Global Security News, Risk Management

EU cybersecurity standards are at risk if supplier ban passes

Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s planned revision to its existing cybersecurity certification framework. The paper focuses on two provisions: a proposed expansion of ENISA’s role in developing technical specifications, and a clause in…

Read more →

Cybersecurity, Global Security News

The Tactical Blueprint: Operational Standards for Modern Close Protection

In this tactical blueprint tutorial post, I will talk about the operational standards for modern close protection. In the current global security landscape, the shift from reactive “bodyguarding” to a proactive model of predictive intelligence has reached a critical tipping point. High-threat urban environments now demand a level of sophistication that goes far beyond physical…

Read more →

AI, Cybersecurity, Exploits, Global Security News, Network Security, Politics

ODNI tackles AI, threat hunting, app cybersecurity in year-one tech review

A year-long effort to strengthen cybersecurity and modernize tech at U.S. intelligence agencies has led to policy standards for using AI to bolster cyber defenses, a shared repository of all apps that have undergone a cybersecurity review and more, the Office of the Director of National Intelligence announced Thursday. An unclassified summary of cyber and…

Read more →

AI, china, Compliance, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management

Beijing wants its own quantum-resistant encryption standards rather than adopt NIST’s

China is reportedly planning to develop its own national post-quantum cryptography standards within the next three years, even as most of the world has already begun migrating to those finalized by the US in 2024. Post-quantum cryptography deals with algorithms that can protect data from the threat proposed by future quantum computers, which are expected…

Read more →

AI, Apps, Cybersecurity, Global Security News, Risk Management

US dominance of agentic AI at the heart of new NIST initiative

This week, the US National Institute of Standards and Technology (NIST) announced a new listening exercise, the AI Agent Standards Initiative, which it hopes will provide a roadmap for addressing agentic AI hurdles and, it said, ensure that the technology “is widely adopted with confidence.” AI agents, which have now ascended to the status of…

Read more →