Is the final version of the NIST Cybersecurity Standard too watered-down?

Brandan Brandan Blevins Profile: Brandan
Cybersecurity legislation
Data security standards

1 Reply to this discussion

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members reply.
  • Brandan
    Thanks for sharing that info, John.

    I should also make mention of the voluntary DHS C-cubed program, which was announced alongside the framework:

    "The C³ Voluntary Program will assist stakeholders with understanding use
    of the Framework and other cyber risk management efforts, and support
    development of general and sector-specific guidance for Framework
    implementation. The C³ Voluntary Program will also work with the 16
    critical infrastructure sectors to develop sector-specific guidance, as
    needed, for using the Framework."

    That sounds good on paper, especially providing more industry-specific advice, but experts I've spoken with are still concerned that organizations won't have access to the experts that understand the threats targeting critical infrastructure. We'll see how that plays out.
    1,130 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: