NIST releases report outlining cyber considerations for enterprise risk management

The National Institute of Standards and Technology has published a report providing details on how cybersecurity risks should be evaluated as part of an overall enterprise risk management strategy.

“NISTIR 8286A is intended to help organizations better implement cybersecurity risk management (CSRM) as an integral part of ERM -- both taking its direction from ERM and informing it,” NIST said in an announcement on Friday. “The increasing frequency, creativity, and severity of cybersecurity attacks mean that all enterprises should ensure...