Cybersecurity, Privacy, & AI

Trending Now
NIST’s Cyber Center Moves Forward With ‘Cyber AI Profile,’ Agentic AI Projects • How the Defense Intelligence Agency Is Fast-Tracking Data and AI Modernization • Supreme Court Delivers ‘Major Win’ for Tech Privacy in Chatrie Ruling • CISA Issues Zero Trust Guide Supporting TIC 3.0 Adoption • FedRAMP 2026 Is Not a Compliance Update — It’s a New Operating Model

NIST Invites Comment on Guidance for Who Gets to Access What in the Cloud

Blackboard | Shutterstock

Stakeholders have until May 15 to provide feedback to NIST on draft guidance for controlling how various users should be allowed to navigate within cloud computing environments.

The push to adopt cloud services has sometimes led to a misconception that cloud providers become responsible for securing sensitive data from hackers. Draft NIST Special Publication 800-210 refutes that contention, before delving into specific guidelines and recommendations on the cloud services federal agencies are encouraged to adopt. It presents cloud access control characteristics and a set of general access control guidance for cloud service models: IaaS (Infrastructure as a Service), PaaS (Platform as a Service), and SaaS (Software as a Service).

More at NextGov

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.