February 27, 2024
NIST seeks input on guidance for measuring progress on information security objectives
The National Institute of Standards and Technology has released draft guidance providing performance measures for information security designed for stakeholders to use alongside risk management frameworks, including the upcoming release of the CSF 2.0.
The guidance, now split into two parts, offers a “road map for creating a practical information security measurement program” that will allow organizations to measure and present their implementation progress, according to a Wednesday announcement. NIST is accepting comments through March 18.
The two volumes...