Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
With a world-class measurement and testing laboratory encompassing a wide range of areas of computer science, mathematics, statistics, and systems engineering, NIST’s cybersecurity program supports its overall mission to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and related technology through research and development in ways that enhance economic security and improve our quality of life.
The need for cybersecurity standards and best practices that address interoperability, usability and privacy continues to be critical for the nation. NIST’s cybersecurity programs seek to enable greater development and application of practical, innovative security technologies and methodologies that enhance the country’s ability to address current and future computer and information security challenges.
The Missing Link: Integrating Cybersecurity and ERM
Held: June 19, 2020
Enterprise Risk Management (ERM) has recently been adopted as a best practice in the federal government. Information security and cybersecurity have long incorporated ERM principles as part of the layered approach to managing risks. However, to be effective, these functions need to communicate effectively to inform decisions at on risk acceptance, impacts to strategic goals and objectives, and allocation of resources. A panel of experts will discuss ERM principles in leading cybersecurity frameworks and methods they have used to bring cybersecurity risks into context at the enterprise level. NIST’s recent Draft IR 8286 on “Integrating Cybersecurity and Enterprise Risk Management (ERM)” will also be discussed.
