The Cybersecurity Framework helps you to assess and measure your cyber supply chain risks and gain actionable insights to bolster your defenses. Join us in our nation-wide effort to protect critical IT systems.
The National Institute of Standards and Technology (NIST) is currently leading a national research effort to address a serious problem facing not only the cybersecurity community, but all organizations regardless of sector, type or size. There is little empirical research and evidence specifying exactly which cybersecurity strategies, policies and operational controls are actually effective in bolstering corporate IT defenses.
NIST has for many years collaborated with industry, academia and government stakeholders to help secure the nation’s critical information and infrastructure. For this effort, we have brought together a team composed of representatives from the federal government (GSA, DHS), the insurance industry (Zurich and Beecher Carlson) and academia (the University of Maryland) to conduct fundamental research and build the tools necessary to measure and assess the actual effectiveness of cybersecurity strategies and controls.
Your help is needed …
The problem can only be solved with widespread cooperation of organizations across the United States. You can help by participating in a NIST-sponsored, secure and anonymous online survey. This secure and anonymous cybersecurity assessment is based on the Cybersecurity Framework and can be accessed for the next 45 days (January 30 - March 15, 2017).
To support and ensure your successful participation, you will be given access to our secure survey portal, and your organization will be registered, and supported, by our Virtual Help Desk at the University of Maryland.
Measure and assess your cyber defenses …
The survey has been built through extensive field research. Enterprises and government organizations will be able to analyze and understand the extent and adequacy of their cyber defenses and gain actionable insights on where and how to bolster defenses.
Anonymously compare with your industry peers …
We separate all user identification (username and email) from survey responses to anonymize data and ensure privacy. Once completed, this short and confidential survey will generate a Performance Profile and a Tiers of Implementation Analysis that will help your organization assess its degree of alignment with the risk management processes and outcomes as described in the Cybersecurity Framework.
Each organization will be able to compare its performance level with both industry benchmark peers and all other respondents. Additionally, Results Dashboards with rich business visualizations will be provided and will allow information security leaders to generate conversations about future strategy & investments with their senior executive teams.
We are asking your organization to participate with us in this ambitious, community research activity designed to improve cybersecurity for all. Your organization’s anonymized data will contribute to the creation of an important new large-scale data set that will enable NIST to research, for the first time, the strength and significance of links between organizations’ cybersecurity practices and their breach profiles. Such research can lead to the development of predictive models to help the cybersecurity community anticipate cyber breaches and attacks.
As a participant, your organization will also receive an early preview of our team’s research report prior to its general release. Thank you in advance for helping our team to take on this challenge and supporting this potentially game-changing research.
Register and take the Survey Now:
The survey is open for 45 days only—January 30 - March 15, 2017.
We will have this announcement also posted to the NIST Computer Security & Applied Cybersecurity Division homepage http://csrc.nist.gov/> under the News section .
A link will also be provided from the NIST website under the Cybersecurity Framework project homepage https://www.nist.gov/cyberframework. These links will be available by 1pm EST on Monday, Jan. 30.