Inside Cybersecurity

October 3, 2022

Daily News

New NIST report completes risk management series offering tools for integrating cyber into enterprise risk decision-making

By Charlie Mitchell / September 15, 2022

NIST has released the final report in a series on integrating cyber risk management and enterprise risk management, with an eye toward improving government and private sector decision-making in addressing cybersecurity priorities.

NIST IR 8286C describes methods for combining risk information from across the enterprise, including notional examples for aggregating and normalizing the results from cybersecurity risk registers (CSRRs) while considering risk parameters, criteria, and business impacts,” according to a statement issued Wednesday by the National Institute of Standards...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.