NIST Releases Draft Guidance for Cybersecurity Excellence

NIST is requesting public comments on the draft document, which blends the best of two globally recognized and widely used NIST resources.

The National Institute of Standards and Technology (NIST), a Commerce Department agency, has released a draft Baldrige Cybersecurity Excellence Builder, describing it as a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts. NIST is requesting public comments on the draft document, which blends the best of two globally recognized and widely used NIST resources: the organizational performance evaluation strategies from the Baldrige Performance Excellence Program and the risk management mechanisms of the Cybersecurity Framework.

Deputy Secretary of Commerce Bruce Andrews announced the release of the draft document at the Internet Security Alliance's 15th Anniversary Conference in Washington, D.C. "The Baldrige Cybersecurity Excellence Builder answers a call from many organizations to provide a way for them to measure how effectively they are using the Cybersecurity Framework," he said. "The Builder will strengthen the already powerful Cybersecurity Framework so that organizations can better manage their cybersecurity risks."

According to NIST, organizations using it can:

  • determine cybersecurity-related activities that are important to business strategy and the delivery of critical services
  • prioritize their investments in managing cybersecurity risk
  • assess their results and their effectiveness and efficiency in using cybersecurity standards, guidelines, and practices
  • identify priorities for improvement

The Cybersecurity Framework was released in February 2014 and was created by NIST through a collaborative process involving industry, academia, and government agencies. According to a Gartner report, the framework is currently used by 30 percent of U.S. organizations and that number is expected to rise to 50 percent by 2020.

Download Center

HTML - No Current Item Deck
  • Safety Management Software - Free Demo

    IndustrySafe Safety Software’s comprehensive suite of modules help organizations to record and manage incidents, inspections, hazards, behavior based safety observations, and much more. Improve safety with an easy to use tool for tracking, notifying and reporting on key safety data.

  • The Top 5 Safety and Technology Trends to Watch in 2020

    Get the latest on trends you can expect to hear more about in 2020, including continued growth of mobile safety applications, wearable technology, and smart PPE; autonomous vehicles; and increased adoption of international safety standard, ISO 45001.

  • Get the Ultimate Guide to OSHA Recordkeeping

    OSHA’s Form 300A posting deadline is February 1! Are you prepared? To help answer your key recordkeeping questions, IndustrySafe put together this guide with critical compliance information.

  • The 4 Stages of an Incident Investigation

    So, your workplace has just experienced an incident resulting in the injury or illness of a worker. Now what? OSHA recommends that you conduct investigations of workplace incidents using a four-step system.

  • Why Is Near Miss Reporting Important?

    A near miss is an accident that's waiting to happen. Learn how to investigate these close calls and prevent more serious incidents from occurring in the future.

  • Industry Safe
comments powered by Disqus

OH&S Digital Edition

  • OHS Magazine Digital Edition - November December 2019

    November / December 2019

    Featuring:

    • GAS DETECTION
      Redefining Compliance for the Gas Detection Buyer
    • FALL PROTECTION
      Don't Trip Over the Basics
    • VISION PROTECTION
      What to Look for in Head-to-Toe PPE Solutions
    • PROTECTIVE APPAREL
      Effective PPE for Flammable Dust
    View This Issue