Regulators welcome finance-sector profile based on NIST framework, but need time to examine implementation

Financial-sector regulators are welcoming the industry's introduction of a NIST cyber framework-based profile for guiding institutions' implementation of cybersecurity policies – citing potential new efficiencies in their examination processes – but say it will take time to see how use of the profile measures up against their expectations.

“While we're not going to mandate the use of the profile, we'll welcome any financial institution to provide information to us using the structure and taxonomy of the profile, we see that...