Tech industry groups stress flexibility in measuring NIST framework effectiveness

Three major technology sector groups are urging the National Institute of Standards and Technology to protect the flexible nature of the federal framework of cybersecurity standards as NIST develops a process for measuring effective use of the framework.

In comments submitted to NIST last week on an updated “version 1.1” of the framework including provisions on measurement and supply chain risk management, among other topics, tech groups such as the Information Technology Industry Council said that NIST needs to...