Cybersecurity, Privacy, & AI

Trending Now
Daybreak Is OpenAI’s Answer to the AI Arms Race in Cybersecurity • Cyber Operations Aren’t Slow — Our Thinking Is • ‘No Time to Waste’ in Prepping Governments for AI Cyber Threats, Top Dem Lawmaker Says • ‘Insatiable Appetite’ for AI: Maven Usage Surged for Strikes on Iran, Pentagon AI Chief Says • Navigating Automation, Robotics, AI, and Data in a QMSR-Driven Manufacturing World
Protests & Claims Newsletter Cyber & Privacy Newsletter Compliance & Enforcement Newsletter Development Newsletter Transforming Procurement Newsletter
Published on November 2, 2018 Cyber

NIST Offers Insight Into Updated Risk Management Framework

The National Institute of Standards and Technology has issued a Final Draft of Special Publication 800-37, Revision 2, Risk Management Framework for Information Systems and Organizations–A System Life Cycle Approach for Security and Privacy. The draft features several updates aimed at supply chain risk, the NIST Cybersecurity Framework, and the pending update to NIST SP 800-53, Revision 5, which is focused on information security for federal information systems but now with an added emphasis on privacy-by-design.

One of the key changes is the introduction of a new step in the process: “Prepare.” The purpose of this step is to achieve more cost-effective and efficient security and privacy risk management processes. The revised RMF reflects the increasing trend toward approaching risk assessment and risk management as a comprehensive, enterprise-wide responsibility rather than as a series of discrete activities divided into subject matter silos.

Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–SaturdaySubscribe here.

© PubKGroup 2024