NIST guide provides roadmap on integrating cyber and enterprise risk management efforts

NIST has issued a guide on how entities can manage cybersecurity risks within the context of their overall risk management strategies, with an eye on providing a common language and approaches to metrics and measurement.

“NISTIR 8286, ‘Integrating Cybersecurity and Enterprise Risk Management (ERM),’ promotes greater understanding of the relationship between cybersecurity risk management and ERM, and the benefits of integrating those approaches,” according to the National Institute of Standards and Technology.

The NISTIR was posted Tuesday and incorporates...