November 27, 2020
NIST issues draft guide for assessing effectiveness of federal cybersecurity monitoring
The National Institute of Standards and Technology has issued draft guidelines for evaluating the effectiveness of continuous monitoring of cybersecurity vulnerabilities and threats by federal agencies.
The draft document, NIST Special Publication 800-137A, provides an approach for federal agencies to assess the performance of Information Security Continuous Monitoring (ISCM) programs. Comments are due Feb. 28.
“An ISCM program assessment provides organizational leadership with information on the effectiveness and completeness of the organization's ISCM program, to include review of ISCM...