NIST Releases Draft Guidance for Cybersecurity Excellence

NIST is requesting public comments on the draft document, which blends the best of two globally recognized and widely used NIST resources.

The National Institute of Standards and Technology (NIST), a Commerce Department agency, has released a draft Baldrige Cybersecurity Excellence Builder, describing it as a self-assessment tool to help organizations better understand the effectiveness of their cybersecurity risk management efforts. NIST is requesting public comments on the draft document, which blends the best of two globally recognized and widely used NIST resources: the organizational performance evaluation strategies from the Baldrige Performance Excellence Program and the risk management mechanisms of the Cybersecurity Framework.

Deputy Secretary of Commerce Bruce Andrews announced the release of the draft document at the Internet Security Alliance's 15th Anniversary Conference in Washington, D.C. "The Baldrige Cybersecurity Excellence Builder answers a call from many organizations to provide a way for them to measure how effectively they are using the Cybersecurity Framework," he said. "The Builder will strengthen the already powerful Cybersecurity Framework so that organizations can better manage their cybersecurity risks."

According to NIST, organizations using it can:

  • determine cybersecurity-related activities that are important to business strategy and the delivery of critical services
  • prioritize their investments in managing cybersecurity risk
  • assess their results and their effectiveness and efficiency in using cybersecurity standards, guidelines, and practices
  • identify priorities for improvement

The Cybersecurity Framework was released in February 2014 and was created by NIST through a collaborative process involving industry, academia, and government agencies. According to a Gartner report, the framework is currently used by 30 percent of U.S. organizations and that number is expected to rise to 50 percent by 2020.

Download Center

HTML - No Current Item Deck
  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • Complete Online Safety Training Courses

    Deliver state-of-the art, online safety training courses to your organization with IndustrySafe Training Management Software. Generate reports to track training compliance and automatically notify learners of upcoming or overdue classes.

  • Easy to Use Safety Inspection App

    Conduct inspections on the go with IndustrySafe’s mobile app. Complete safety audits at job sites and remote locations—with or without web access.

  • Track Key Safety Performance Indicators

    IndustrySafe’s Dashboard Module allows organizations to easily track safety KPIs and metrics. Gain increased visibility into your business’ operations and safety data.

  • Analyze Incident Data and Maintain OSHA Compliance

    Collect relevant incident data, analyze trends, and generate accurate regulatory reports, including OSHA 300, 300A, and 301 logs, through IndustrySafe’s extensive incident reporting and investigation module.

  • Industry Safe
comments powered by Disqus