NIST Offers Guidance on Evaluating Information Security Monitoring Programs

Organizations need to continually evaluate themselves in order to manage their cybersecurity. The National Institute of Standards and Technology (NIST) released guidance on how to assess Information Security Continuous Monitoring (ISCM) programs for commercial entities as well as Federal, state, and local government organizations. The guidance, NIST Special Publication 800-137A, “can be used as presented or as the starting point for an organization-specific methodology,” according to the publication.

Categories

Recent