"NIST Offers Guidance on Measuring and Improving Your Company's Cybersecurity Program"

The two-volume document, with the overall title "NIST Special Publication (SP) 800-55 Revision 2: Measurement Guide for Information Security," provides guidance on establishing an effective cybersecurity program as well as a flexible approach to developing information security measures to meet an organization's performance objectives. NIST is requesting public feedback on this initial public draft by March 18, 2024. The publication is designed to be used in conjunction with any risk management framework, such as NIST's Cybersecurity Framework or Risk Management Framework. This article continues to discuss NIST's draft publication that can help evaluate information security efforts.

NIST reports "NIST Offers Guidance on Measuring and Improving Your Company's Cybersecurity Program"

Submitted by grigby1