Survey: Agencies love the NIST cybersecurity framework

December 9, 2015

Greg Otto

Not only has the National Institute of Standards and Technology’s cybersecurity framework raised the awareness of IT security in boardrooms across the country, it’s become a staple inside the government.

A wide majority of federal IT security employees surveyed by Dell are using the NIST framework in some fashion. Eighty-two percent told the company they are using sections of the framework within their own cybersecurity programs, with 53 percent saying they use the entire guide.

Of those who are using the framework, 74 percent say it's used as a foundation for their cybersecurity roadmap, helping to improve organizational security.

Paul Christman, vice president of federal for Dell Software, said the framework is “just good policy,” no matter what sector is moving to embrace it.

“It applies to everyone,” he told FedScoop. “It applies to schools, universities, hospitals, [the Defense Department], [the Intelligence Community], and civilian agencies. The document doesn’t say ‘This is how the government should protect the government,’ ‘This is how a bank should protect a bank.' NIST was really trying to say ‘This wasn't a government program or mandate;' it’s just good practice.”

Read Full Article