From Communications Daily:

The R Street Institute urged NIST to address cyber insurance in v1.1 and consider further work on the topic in future framework updates. Cyber insurance is “an important aspect” in the framework’s goal of helping entities recover from a cyberattack, R Street said. “NIST itself has recognized the role cyber insurance can play in helping businesses respond to and recover from a cyber incident. Including insurance in the framework will prompt all users to consider adopting it “as part of the enterprise risk management process,” which could help “raise the bar for device security, bolstering the global cybersecurity ecosystem.”

Featured Publications