NIST Updates Cyber-Security Policy With New Insight Into Managing Risk

Today’s topics include the National Institute of Standards and Technology releasing the final version of its Risk Management Framework, and Microsoft adding live captioning and subtitles to Skype for improved accessibility.

The National Institute of Standards and Technology has released the final version of its Risk Management Framework 2.0 update, providing organizations with new detailed insight into how to define and manage risk.

The freely available 183-page RMF 2.0 outlines how federal agencies and those that wish to align with the standard can address security and privacy risk management. Among the key additions in the update is an alignment and integration with the NIST Cybersecurity Framework.

NIST’s Ron Ross, one of the publication’s authors, said, "RMF 2.0 gives federal agencies a very powerful tool to manage both security and privacy risks from a single, unified framework. It ensures the term compliance means real cybersecurity and privacy risk management—not just satisfying a static set of controls in a checklist."

Microsoft has added live captioning and subtitle capabilities to Skype, improving the application for users who are deaf, have hearing disabilities or who speak different languages.

The new capabilities will also arrive natively in Microsoft PowerPoint in early 2019. The improvements are available immediately in Skype as an automatically scrolling caption, but the feature will be expanded soon to use a side window where users can peruse the text that was previously displayed on the screen.

In addition, Skype will soon be adding translation support for more than 20 languages to help users who speak in different languages. When the services launch as part of PowerPoint, they will support presentations in one of more than 10 spoken languages and captions and subtitles on the screen in one of more than 60 text languages.