Since the first release in 2014 of the National Institute of Standards and Technology (NIST) Framework for Improving Crtical Infrastructure Cybersecurity, known simply as the NIST Cybersecurity Framework, there has been what could be considered a rapid adoption of the framework. Within the federal government, 82% of agencies are either fully or partially adopting the NIST framework, perhaps more telling is that 53% of organizations outside the federal government have adopted NIST standards.
The NIST Cybersecurity Framework was developed as a flexible framework of security standards, guidelines and best practices for federal agencies to build upon. As the Framework itself notes, it is not a one-size-fits-all approach to managing cybersecurity risk, but rather offers practices that can be customized to different threats, vulnerabilities and risk tolerances. It was designed to evolve as the risk and solutions landscape changes, empowering it with a fluidity many other standards lack. In this way, the Framework has become a solid foundation for many industries.
The core functions of the cybersecurity framework focus on identifying risks, protecting data or deterring threads, detecting threats, incident response and recovery planning. Each of these functions lay out a clear roadmap for organizations of any industry to plan a cohesive risk-based strategy around. As PwC notes in their whitepaper, the widespread use of NIST standards can help foster effective collaboration among organizations and casts the discussion of cybersecurity in the language of risk management, effectively translating data security into a business issue.
At Absolute, we want to help your organization with your risk management and data security planning, to meet your unique challenges. Our customers rely on us to provide them with a unique and trusted layer of security so they can manage mobility while remaining firmly in control. By providing them with a persistent connection to all of their devices, our customers can secure endpoints, assess risk, and respond appropriately to security incidents. To learn more, visit our website.