Internet Security Alliance: Framework metrics would help businesses prioritize efforts

The Internet Security Alliance is calling for metrics that allow businesses to prioritize their cybersecurity efforts based on the National Institute of Standards and Technology cybersecurity framework, while stressing the need for NIST and other agencies to continue promoting the voluntary, public-private partnership approach to cybersecurity.

The comments come in response to a request for information on proposed revisions to the landmark NIST cyber framework, originally issued in 2014, that include a discussion about ways to measure the tool's...