The exposure of consumer personal information is front and center in the headlines today. For companies, the loss of critical business data – trade secrets, confidential strategy documents and the like – can also result in reputational, financial or operational impacts.
To secure this information, many are turning to the NIST Cybersecurity Framework for guidance. It references leading information and cyber security standards and is becoming the de facto approach for which to align programs. For some sectors and contracts, it is required.
The NIST Framework also looks beyond just ‘technology’ to address the ‘people and processes’ required for effective information protection.