Senate committee hears anecdotal evidence of how cybersecurity framework is helping businesses. Measurement of effectiveness of using framework to prevent damaging cyber-attacks is still lacking. NIST Director Charles Romine couldn’t give a timetable for when NIST will develop such metrics. White House Cybersecurity Coordinator Michael Daniel discusses ways to streamline regulation. If government must decide whether to compel businesses to comply with security standards, it could adversely affect its customers, suppliers and other stakeholders in this interconnected world, he says. If we can’t verify that the voluntary approach works, then the government must compel all IT-industry to comply.”]
Source: https://www.inforisktoday.com/blogs/nist-framework-success-p-1807