April 17, 2021
NIST offers ‘example methodology’ to assess effectiveness of cyber continuous monitoring efforts
A new NIST report provides organizations with guidance on assessing and tailoring their information security continuous monitoring programs, “as well as recording and reporting scores and data for analysis and action.”
“NISTIR 8212: An Information Security Continuous Monitoring Program Assessment” was released Wednesday and “describes an example methodology for assessing an organization’s Information Security Continuous Monitoring (ISCM) program. It was developed directly from NIST guidance and is applicable to any organization, public or private.”
According to the report, “It...