NIST releases second revision of risk management framework, integrating security and privacy

The National Institute of Standards and Technology today released the second revision of its risk management framework for information systems and organizations, with new additions making this the first cybersecurity framework to fully integrate privacy, according to a NIST official.

“I believe we are the first security framework that has actually taken on the task of integrating privacy risk management into the security framework,” Ronald Ross, NIST fellow and computer scientist, told Inside Cybersecurity. “The framework now isn't a cybersecurity...