HIMSS August 30, 2019
What is a Cybersecurity Framework?
A cybersecurity framework serves as a roadmap to organize cybersecurity risk management activities for an organization.
Frameworks are comprised of industry guidelines, best practices and standards, and can be voluntary or mandatory. As an example, the U.S. Department of Commerce’s National Institute of Standards and Technology’s NIST Cybersecurity Framework is a voluntary framework that can be adopted if an organization so chooses. But others are required, like one framework that’s mandatory for any organization globally that accepts, processes, stores, or transmits credit card information.
Implementation of a formal framework may benefit your organization in terms of helping to improve your security posture and enhance your resilience against cyberattacks or other compromises. Frameworks generally define a...