NIST Releases Draft Guidance for Cybersecurity Excellence

NIST is requesting public comments on the draft document, which blends the best of two globally recognized and widely used NIST resources.

The National Institute of Standards and Technology (NIST), a Commerce Department agency, has released a draft Baldrige Cybersecurity Excellence Builder, describing it as a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts. NIST is requesting public comments on the draft document, which blends the best of two globally recognized and widely used NIST resources: the organizational performance evaluation strategies from the Baldrige Performance Excellence Program and the risk management mechanisms of the Cybersecurity Framework.

Deputy Secretary of Commerce Bruce Andrews announced the release of the draft document at the Internet Security Alliance's 15th Anniversary Conference in Washington, D.C. "The Baldrige Cybersecurity Excellence Builder answers a call from many organizations to provide a way for them to measure how effectively they are using the Cybersecurity Framework," he said. "The Builder will strengthen the already powerful Cybersecurity Framework so that organizations can better manage their cybersecurity risks."

According to NIST, organizations using it can:

  • determine cybersecurity-related activities that are important to business strategy and the delivery of critical services
  • prioritize their investments in managing cybersecurity risk
  • assess their results and their effectiveness and efficiency in using cybersecurity standards, guidelines, and practices
  • identify priorities for improvement

The Cybersecurity Framework was released in February 2014 and was created by NIST through a collaborative process involving industry, academia, and government agencies. According to a Gartner report, the framework is currently used by 30 percent of U.S. organizations and that number is expected to rise to 50 percent by 2020.

Download Center

HTML - No Current Item Deck
  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • Get the Ultimate Guide to OSHA Recordkeeping

    When it comes to OSHA recordkeeping there are always questions regarding the requirements and in and outs. IndustrySafe is here to help. We put together this page with critical information to help answer your key questions about OSHA recordkeeping.

  • Safety Training 101

    When it comes to safety training, no matter the industry, there are always questions regarding requirements and certifications. We put together a guide that’s easy to digest so you can ensure you're complying with OSHA's training standards.

  • Conduct EHS Inspections and Audits

    Record and manage your organization’s inspection data with IndustrySafe’s Inspections module. IndustrySafe’s pre-built forms and checklists may be used as is, or can be customized to better suit the needs of your organization.

  • Track Key Safety Performance Indicators

    IndustrySafe’s Dashboard Module allows organizations to easily track safety KPIs and metrics. Gain increased visibility into your business’ operations and safety data.

  • Industry Safe
comments powered by Disqus