NIST promotes upcoming privacy framework as favorable to industry, innovation

Having a process that's focused on privacy and modeled on the framework of cybersecurity standards might allow a greater set of ideas to surface for managing risk in the area, beyond those available through the National Institute of Standards and Technology's pending Risk Management Framework alone, NIST's Naomi Lefkowitz said in an interview with Inside Cybersecurity.

“It's not that we don't think that non-federal organizations can't use the RMF,” Lefkowitz said of the Risk Management Framework. “They absolutely can, any...