NIST Releases Draft Guidance for Cybersecurity Excellence

NIST is requesting public comments on the draft document, which blends the best of two globally recognized and widely used NIST resources.

The National Institute of Standards and Technology (NIST), a Commerce Department agency, has released a draft Baldrige Cybersecurity Excellence Builder, describing it as a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts. NIST is requesting public comments on the draft document, which blends the best of two globally recognized and widely used NIST resources: the organizational performance evaluation strategies from the Baldrige Performance Excellence Program and the risk management mechanisms of the Cybersecurity Framework.

Deputy Secretary of Commerce Bruce Andrews announced the release of the draft document at the Internet Security Alliance's 15th Anniversary Conference in Washington, D.C. "The Baldrige Cybersecurity Excellence Builder answers a call from many organizations to provide a way for them to measure how effectively they are using the Cybersecurity Framework," he said. "The Builder will strengthen the already powerful Cybersecurity Framework so that organizations can better manage their cybersecurity risks."

According to NIST, organizations using it can:

  • determine cybersecurity-related activities that are important to business strategy and the delivery of critical services
  • prioritize their investments in managing cybersecurity risk
  • assess their results and their effectiveness and efficiency in using cybersecurity standards, guidelines, and practices
  • identify priorities for improvement

The Cybersecurity Framework was released in February 2014 and was created by NIST through a collaborative process involving industry, academia, and government agencies. According to a Gartner report, the framework is currently used by 30 percent of U.S. organizations and that number is expected to rise to 50 percent by 2020.

Download Center

HTML - No Current Item Deck
  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • The Top 5 Safety and Technology Trends to Watch

    Get the latest on trends you can expect to hear more about in 2019, including continued growth of mobile safety applications, wearable technology, and smart PPE; autonomous vehicles; pending OSHA recordkeeping rulemaking; and increased adoption of international safety standard, ISO 45001.

  • Analyze Incident Data

    Collect relevant incident data, analyze trends, and generate accurate regulatory reports, including OSHA 300, 300A, and 301 logs, through IndustrySafe’s extensive incident reporting and investigation module.

  • Safety Training 101

    When it comes to safety training, no matter the industry, there are always questions regarding requirements and certifications. We’ve put together a guide on key safety training topics, requirements for certifications, and answers to common training questions.

  • Conduct EHS Inspections and Audits

    Record and manage your organization’s inspection data with IndustrySafe’s Inspections module. IndustrySafe’s pre-built forms and checklists may be used as is, or can be customized to better suit the needs of your organization.

  • Industry Safe
comments powered by Disqus

OH&S Digital Edition

  • OHS Magazine Digital Edition - January 2019

    January / February 2019

    Featuring:

    • PREVENTING ERRORS
      Production vs. Safety 
    • EMERGENCY SHOWERS & EYEWASH
      Meeting the Requirements for Emergency Equipment
    • CONSTRUCTION SAFETY
      The State of Contractor Safety
    • FOOT PROTECTION
      The Three Keys to Effective Chemical Management
    View This Issue