<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Karen Kent</title><link>https://karenkent.journoportfolio.com</link><description>RSS Feed for Karen Kent</description><atom:link rel="self" href="http://karenkent.journoportfolio.com/rss.xml"></atom:link><language>en</language><lastBuildDate>Thu, 11 Jun 2026 00:00:00 +0100</lastBuildDate><item><title>Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile</title><link>https://csrc.nist.gov/pubs/ir/8374/r1/final</link><description>This CSF 2.0 Community Profile identifies the security outcomes from the NIST CSF 2.0 that support governing management of, identifying, protecting against, detecting, responding to, and recovering from ransomware events. The Profile can be used as a guide to managing the risk of ransomware events. That includes helping to gauge an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events.</description><pubDate>Thu, 11 Jun 2026 00:00:00 +0100</pubDate><guid>https://csrc.nist.gov/pubs/ir/8374/r1/final</guid></item><item><title>SOC vs. MDR: What CISOs need to consider</title><link>https://www.techtarget.com/searchsecurity/tip/SOC-vs-MDR-What-CISOs-need-to-consider</link><description>Let's examine how SOC and MDR services compare and identify key considerations when choosing the best option for your organization.</description><pubDate>Mon, 18 May 2026 00:00:00 +0100</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/SOC-vs-MDR-What-CISOs-need-to-consider</guid></item><item><title>5 leading enterprise password managers to consider</title><link>https://www.techtarget.com/searchsecurity/tip/Leading-enterprise-password-managers-to-consider</link><description>Admins need their password managers to provide a wide range of features and capabilities. Learn what every password manager must have, along with available options.</description><pubDate>Thu, 07 May 2026 00:00:00 +0100</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/Leading-enterprise-password-managers-to-consider</guid></item><item><title>What are the most common authentication methods?</title><link>https://www.techtarget.com/searchsecurity/answer/What-are-the-most-common-digital-authentication-methods</link><description>To authenticate users, security teams have a range of options available. Note, however, that a combination of methods is the best and safest approach.</description><pubDate>Wed, 29 Apr 2026 00:00:00 +0100</pubDate><guid>https://www.techtarget.com/searchsecurity/answer/What-are-the-most-common-digital-authentication-methods</guid></item><item><title>Shadow code: The hidden threat for enterprise IT</title><link>https://www.techtarget.com/searchsecurity/tip/Shadow-code-The-hidden-threat-for-enterprise-IT</link><description>The shadow code running in your web apps could be a ticking time bomb. Learn more about the cybersecurity risks of shadow code and how to protect your enterprise.</description><pubDate>Tue, 28 Apr 2026 00:00:00 +0100</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/Shadow-code-The-hidden-threat-for-enterprise-IT</guid></item><item><title>NIST Special Publication (SP) 1800-40 (Draft), Automation of the NIST Cryptographic Module Validation Program</title><link>https://csrc.nist.gov/pubs/sp/1800/40/ipd</link><description>Draft NIST SP 1800-40, Automation of the NIST Cryptographic Module Validation Program, to demonstrate how structured test evidence, standardized submission protocols, and modernized computing infrastructure can streamline the submission and review process.</description><pubDate>Wed, 15 Apr 2026 00:00:00 +0100</pubDate><guid>https://csrc.nist.gov/pubs/sp/1800/40/ipd</guid></item><item><title>Next-generation firewall buyer's guide for CISOs</title><link>https://www.techtarget.com/searchsecurity/tip/Next-generation-firewall-buyers-guide-for-CISOs</link><description>NGFWs are crucial tools for modern security operations, but CISOs need to understand the often complex deployment, maintenance and budgeting implications.</description><pubDate>Thu, 09 Apr 2026 00:00:00 +0100</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/Next-generation-firewall-buyers-guide-for-CISOs</guid></item><item><title>10 enterprise secure remote access best practices</title><link>https://www.techtarget.com/searchsecurity/tip/10-enterprise-secure-remote-access-best-practices</link><description>Remote access is a critical necessity in today's work-from-anywhere environment. It's also incredibly risky. But there are ways to protect assets and combat potential attacks.</description><pubDate>Tue, 24 Mar 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/10-enterprise-secure-remote-access-best-practices</guid></item><item><title>Top vulnerability scanning tools for security teams</title><link>https://www.techtarget.com/searchsecurity/tip/Top-vulnerability-scanning-tools-for-security-teams</link><description>Use these vulnerability scanning tools to find weaknesses and potential exploits in web applications, IT and cloud infrastructure, IoT devices and more.</description><pubDate>Mon, 23 Mar 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/Top-vulnerability-scanning-tools-for-security-teams</guid></item><item><title>5G Network Security Design Principles: Applying 5G Cybersecurity and Privacy Capabilities</title><link>https://csrc.nist.gov/pubs/cswp/36/e/5g-network-security-design-principles/final</link><description>This white paper describes the network infrastructure design principles that commercial and private 5G network operators can use to improve cybersecurity and privacy. Such a network infrastructure isolates types of 5G network traffic from each other: data plane, control plane, and operation and maintenance (O&amp;M) traffic.</description><pubDate>Thu, 19 Mar 2026 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/pubs/cswp/36/e/5g-network-security-design-principles/final</guid></item><item><title>No SUPI-Based Paging: Applying 5G Cybersecurity and Privacy Capabilities</title><link>https://csrc.nist.gov/pubs/cswp/36/d/no-supi-based-paging-applying-5g-cybersecurity-and/final</link><description>This white paper provides an overview of “no Subscription Permanent Identifier (SUPI) based paging,” a 5G capability for protecting users from being identified and located by an attacker. Unlike previous generations of cellular systems, new requirements in 5G standards protect subscriber confidentiality by using a temporary identity (ID) instead of SUPI for the paging protocol, and explicitly define when the temporary ID must be reallocated (refreshed).</description><pubDate>Thu, 19 Mar 2026 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/pubs/cswp/36/d/no-supi-based-paging-applying-5g-cybersecurity-and/final</guid></item><item><title>Reallocation of Temporary Identities: Applying 5G Cybersecurity and Privacy Capabilities</title><link>https://csrc.nist.gov/pubs/cswp/36/c/reallocation-of-temporary-identities-applying-5g-c/final</link><description>This white paper describes how 5G standards have enhanced the implementation guideline to protect subscriber identities (IDs), specifically how the network reallocates temporary IDs to protect users from being identified and located by an attacker. Unlike previous generations of cellular systems, new requirements in 5G explicitly define when the temporary ID must be reallocated (refreshed).</description><pubDate>Thu, 19 Mar 2026 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/pubs/cswp/36/c/reallocation-of-temporary-identities-applying-5g-c/final</guid></item><item><title>Using Hardware-Enabled Security to Ensure 5G System Platform Integrity: Applying 5G Cybersecurity and Privacy Capabilities</title><link>https://csrc.nist.gov/pubs/cswp/36/b/using-hardware-enabled-security-to-ensure-5g-syste/final</link><description>This white paper provides an overview and an example of employing hardware-enabled security capabilities to provision, measure, attest to, and enforce the integrity of the compute platform to foster trust in a 5G system’s server infrastructure. It discusses security threats within computing environments and how leveraging hardware roots of trust (HRoT) and remote attestation can help mitigate specific threats.</description><pubDate>Thu, 19 Mar 2026 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/pubs/cswp/36/b/using-hardware-enabled-security-to-ensure-5g-syste/final</guid></item><item><title>Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI): Applying 5G Cybersecurity and Privacy Capabilities</title><link>https://csrc.nist.gov/pubs/cswp/36/a/protecting-subscriber-identifiers-with-suci-applyi/final</link><description>This white paper describes how Subscription Concealed Identifier (SUCI) protection can be enabled in 5G networks. SUCI protection is defined by 5G standards as an optional security capability for operator deployments. By enabling SUCI on their 5G networks and subscriber SIMs, and configuring SUCI to use a non-null encryption cipher scheme, 5G network operators can provide their customers with the advantages of SUCI’s protections.</description><pubDate>Thu, 19 Mar 2026 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/pubs/cswp/36/a/protecting-subscriber-identifiers-with-suci-applyi/final</guid></item><item><title>Applying 5G Cybersecurity and Privacy Capabilities: Introduction to the White Paper Series</title><link>https://csrc.nist.gov/pubs/cswp/36/applying-5g-cybersecurity-and-privacy-capabilities/final</link><description>This document introduces the white paper series titled Applying 5G Cybersecurity and Privacy Capabilities. Each paper in the series includes implementation guidelines and testbed-derived implementation findings for an individual technical cybersecurity- or privacy-supporting capability available in 5G systems or their supporting infrastructures.</description><pubDate>Thu, 19 Mar 2026 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/pubs/cswp/36/applying-5g-cybersecurity-and-privacy-capabilities/final</guid></item><item><title>Automation of the NIST Cryptographic Module Validation Program: September 2024 Status Report</title><link>https://csrc.nist.gov/pubs/cswp/37/a/automation-of-the-nist-cryptographic-module-valida/final</link><description>NIST has undertaken the Automated Cryptographic Module Validation Project (ACMVP) to support improvement in the efficiency and timeliness of CMVP operations and processes. The goal is to demonstrate a suite of automated tools that would permit organizations to perform testing of their cryptographic products according to the requirements of FIPS 140-3, then directly report the results to NIST using appropriate protocols. This is a status report of progress made so far with the ACMVP and the planned next steps for the project.</description><pubDate>Mon, 16 Mar 2026 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/pubs/cswp/37/a/automation-of-the-nist-cryptographic-module-valida/final</guid></item><item><title>Comparison of 5 top next-generation firewall vendors</title><link>https://www.techtarget.com/searchsecurity/feature/Explore-this-NGFW-comparison-of-leading-vendors-on-the-market</link><description>This article outlines key features and capabilities that CISOs and security decision-makers should consider when evaluating modern NGFWs and examines five top firewall options.</description><pubDate>Thu, 05 Mar 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/feature/Explore-this-NGFW-comparison-of-leading-vendors-on-the-market</guid></item><item><title>How to reduce false positive alerts and increase cybersecurity</title><link>https://www.techtarget.com/searchsecurity/tip/How-to-reduce-false-positive-alerts-and-increase-cybersecurity</link><description>False positives in cybersecurity detection tools drain resources and distract from real threats. Once CISOs understand the root causes of false positives, they can implement strategies to reduce them.</description><pubDate>Mon, 02 Mar 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/How-to-reduce-false-positive-alerts-and-increase-cybersecurity</guid></item><item><title>How to Perform a Data Risk Assessment, Step by Step</title><link>https://www.techtarget.com/searchsecurity/tip/How-to-perform-a-data-risk-assessment-step-by-step</link><description>Let's dig into what a data risk assessment is and how to perform one.</description><pubDate>Mon, 02 Mar 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/How-to-perform-a-data-risk-assessment-step-by-step</guid></item><item><title>How to evaluate NGFW products to strengthen cybersecurity</title><link>https://www.techtarget.com/searchsecurity/tip/How-to-evaluate-NGFW-products-to-strengthen-cybersecurity</link><description>Next-generation firewalls are critical tools in today's evolving threat landscape. Learn how to evaluate and select an NGFW that will bolster your company's cybersecurity posture.</description><pubDate>Wed, 18 Feb 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/How-to-evaluate-NGFW-products-to-strengthen-cybersecurity</guid></item><item><title>Data Classification Practices</title><link>https://csrc.nist.gov/News/2026/sp-1800-39-ipd-data-classification-practices</link><description>This guide, Data Classification Practices, demonstrates how organizations can discover, identify, and label unstructured data using data classification practices.</description><pubDate>Tue, 10 Feb 2026 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/News/2026/sp-1800-39-ipd-data-classification-practices</guid></item><item><title>10 Types of Information Security Threats for IT Teams</title><link>https://www.techtarget.com/searchsecurity/feature/Top-10-types-of-information-security-threats-for-IT-teams</link><description>Cybersecurity teams must be mindful at all times of the current threats their organization faces. While it's impossible to thwart every threat, stopping as many as possible and quickly detecting when they occur are both critical for reducing damage. Here are 10 types of threats that cybersecurity teams should focus on.</description><pubDate>Thu, 05 Feb 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/feature/Top-10-types-of-information-security-threats-for-IT-teams</guid></item><item><title>Top open source and commercial threat intelligence feeds</title><link>https://www.techtarget.com/searchsecurity/tip/Top-open-source-and-commercial-threat-intelligence-feeds</link><description>Let's take a closer look at cybersecurity threat intelligence feeds and highlight some leading options -- both open source and commercial.</description><pubDate>Wed, 04 Feb 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/Top-open-source-and-commercial-threat-intelligence-feeds</guid></item><item><title>5 deepfake detection tools to protect enterprise users</title><link>https://www.techtarget.com/searchsecurity/tip/5-deepfake-detection-tools-to-protect-enterprise-users</link><description>Let's look at five of the top tools that CISOs can use today to detect deepfake videos entering their organizations.</description><pubDate>Fri, 30 Jan 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/5-deepfake-detection-tools-to-protect-enterprise-users</guid></item><item><title>NIST's Secure Software Development Framework (SSDF) 1.2</title><link>https://www.tcannex.com/p/nists-secure-software-development</link><description>The content updates from SSDF 1.1 to 1.2 are relatively small, but the changes in format and layout are significant, which makes it arduous to do a side-by-side comparison. To aid you in seeing what’s changed, we’ve created an annotated version. It highlights new content in green and changed content in orange (except for references). Each highlighted instance of changed content also has a callout box with the old text and the new text.</description><pubDate>Tue, 27 Jan 2026 00:00:00 +0000</pubDate><guid>https://www.tcannex.com/p/nists-secure-software-development</guid></item><item><title>Five takeaways from NIST SP 800-70 update</title><link>https://www.tcannex.com/p/five-takeaways-from-nist-sp-800-70</link><description>To help public comment reviewers and anyone else interested in the details of the changes, we’ve done a side-by-side comparison of the revisions and identified the  five most significant takeaways.</description><pubDate>Mon, 12 Jan 2026 00:00:00 +0000</pubDate><guid>https://www.tcannex.com/p/five-takeaways-from-nist-sp-800-70</guid></item><item><title>How to Create an Incident Response Playbook</title><link>https://www.techtarget.com/searchsecurity/tip/How-to-create-an-incident-response-playbook</link><description>Here's a look at what incident response playbooks accomplish, why they are important and how to use them.</description><pubDate>Fri, 09 Jan 2026 00:00:00 +0000</pubDate><guid>https://www.techtarget.com/searchsecurity/tip/How-to-create-an-incident-response-playbook</guid></item><item><title>Do AI chatbots tell the truth? Six-month follow-up</title><link>https://www.tcannex.com/p/do-ai-chatbots-tell-the-truth-six</link><description>Six months ago, I tested five AI chatbots—ChatGPT, Claude, Copilot, Gemini, and Perplexity—to see how they performed when asked to provide a set of facts from a publicly available cybersecurity standard. The results were…not great.It’s time to repeat the tests and see how the chatbots’ performance has changed.</description><pubDate>Tue, 06 Jan 2026 00:00:00 +0000</pubDate><guid>https://www.tcannex.com/p/do-ai-chatbots-tell-the-truth-six</guid></item><item><title>Integrating Cybersecurity and Enterprise Risk Management (ERM)</title><link>https://csrc.nist.gov/pubs/ir/8286/r1/final</link><description>This document is intended to help individual organizations within an enterprise improve their cybersecurity risk information, shared through their enterprise’s ERM processes.</description><pubDate>Thu, 18 Dec 2025 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/pubs/ir/8286/r1/final</guid></item><item><title>Draft SSDF 1.2</title><link>https://csrc.nist.gov/News/2025/draft-ssdf-version-1-2</link><description>NIST has released the initial public draft of Special Publication (SP) 800-218r1 (Revision 1), Secure Software Development Framework (SSDF) Version 1.2: Recommendations for Mitigating the Risk of Software Vulnerabilities, per Executive Order 14306. This document describes new and improved practices, tasks, and examples for the secure and reliable development, delivery, and improvement of software.</description><pubDate>Wed, 17 Dec 2025 00:00:00 +0000</pubDate><guid>https://csrc.nist.gov/News/2025/draft-ssdf-version-1-2</guid></item></channel></rss>