NIST Unveils Updated Guidance to Enhance Cybersecurity Performance for Agencies
GovTech
|
Contributed by: Drex DeFord
Summary
The National Institute of Standards and Technology (NIST) has published an updated edition of its guidance on measuring cybersecurity performance for government organizations, known as NIST Special Publication (SP) 800-55. This new version, comprising two volumes, assists agencies in assessing the effectiveness of their cybersecurity initiatives. Volume one focuses on identifying and selecting appropriate measures, emphasizing the evaluation of existing security policies, while volume two provides a framework for managing a cybersecurity measurement program that promotes communication among stakeholders. Key updates include enhanced guidance for quantitatively measuring cybersecurity outcomes and an expansion of the intended audience for the guidance.
