Cyber policy leader Clinton: Timely update of NIST cyber framework should focus on small business needs, effectiveness

The timing is right for a planned update to the National Institute of Standards and Technology’s cybersecurity framework, says Internet Security Alliance president Larry Clinton, who stresses the effort should include measuring what actually works to improve security and on addressing the needs of smaller enterprises.

“This is an appropriate time to review the initial NIST cybersecurity framework,” Clinton said. “The important question is what will the nature of that review be?”

NIST in December announced plans to issue...