NIST unveils new approach to risk management

The National Institute of Standards and Technology unveiled a new approach to how federal agencies and their contractors manage information security risk.

Currently most agencies manage risk using a tactical, system-by-system approach. The new framework would use a three-tiered risk management approach that would move from organization to missions to information systems.

NIST hopes the new approach will allow senior leaders and executives to strategically manage risks.

Online Chat: Beth Killoran, deputy assistant secretary for Information Technology and chief information officer at HHS, on March 28.

This story is part of Federal News Radio’s daily Cybersecurity Update brought to you by Tripwire. For more cybersecurity news, click here.