"New NCCoE Guide Helps Major Industries Observe Incoming Data While Using Latest Internet Security Protocol"
The National Institute of Standards and Technology (NIST) has released a practice guide covering methods aimed at helping major industries implement the Internet security protocol TLS 1.3, as well as conduct network monitoring and auditing safely, securely, and effectively. Companies in finance, healthcare, and other major industries must follow best practices for monitoring incoming data for cyberattacks. TLS 1.3 provides advanced protection but complicates the performance of required data audits. The new draft practice guide, "Addressing Visibility Challenges with TLS 1.3 within the Enterprise" (NIST Special Publication (SP) 1800-37), aims to help companies comply with the latest ways of securing data that travels over the public Internet to their internal servers, while also adhering to regulations requiring continuous monitoring and auditing of this data for evidence of cyberattacks. This article continues to discuss the new practice guide that describes the advantages of TLS 1.3 with solutions to manage keys and shows how to develop a solution for meeting requirements using the new protocol.
Submitted by grigby1