4 charts that will keep federal CIOs up at night
January 23, 2015
Two reports released this week show that everything — threat factors, cloud adoption and security budgets — is growing. But organizations' data may not be any safer.
The National Institute of Standards and Technology has released a new publication, "Information Security Continuous Monitoring (ISCM) for Information Systems and Organizations" (SP 800-137), aimed at helping "organizations understand their security posture against threats and vulnerabilities and determine how effectively their security controls are working."
"This is a guide for an organization that has already implemented the first five steps of the NIST Risk Management Framework (RMF) and is ready to move on to the last step, which is developing a systematic way of making sure the previous steps are implemented effectively," said NIST researcher and one of the report's authors Kelley Dempsey announcing the publication.