The National Institute of Standards and Technology (NIST) recently published a draft cybersecurity self-assessment tool entitled “The Baldrige Cybersecurity Excellence Builder,” which provides organizations with a tool to determine its security maturity level.
According to the guide, it will assist organizations to:
- Determine cybersecurity-related activities that are important to business strategy and the delivery of critical services
- Prioritize investments for managing cybersecurity risks
- Assess the effectiveness and efficiency of using cybersecurity standards, guidelines and practices
- Assess results of implementing security tools
- Identify priorities for investments for improvement of enterprise wide security
The goal is to help organizations figure out where they are in the data security continuum, provide tools to help them determine where they should be in their security maturity, and assist with how to implement an action plan to get to where they need to be in protecting the organization’s data. It’s an important process to go through, a worthwhile read, and the comment period is open until December 15, 2016.