NIST CSF: The De Facto Standard for Cybersecurity
“The NIST cyber framework is quickly becoming the de facto standard by which cyber security is going to be measured..
.. at least on the minimum level, and we’ve already seen that bleed into the private sector,” said Michael Born, dent and account executive of the global technology and privacy practice at Lockton Cos. L.L.C.
It requires federal agencies to comply with the NIST framework, “but many private companies are complying voluntarily, and many IT service vendors are basing their assessments on the NIST framework, and many insurance underwriters are using that to assess the exposure associated with cyber insurance applicants,” he said.
Read the source article from Business Insurance here.