Prefer to talk? Get in touch with our experts today on 0151 236 5656

New Cyber Risk Standard from NIST

18 April 2024

The National Institute of Standards and Technology (NIST) have recently released a new version of its world-renowned cyber security framework. The framework, which was originally developed in 2014, is designed to assist organisations to improve their cyber security maturity by improving their management of IT security risks and enhancing protection against cyber threats.

The new standard draws upon feedback on the previous framework and takes account of emerging threats and technologies to ensure it remains relevant in the modern cyber security environment. As a result, there is a greater focus on cloud security, supply chain risks, and the threats associated with artificial intelligence, the Internet of Things (IoT) and identity-based threats.

In addition to updating the original five key areas of the previous version of the standard namely: Identify; Protect; Detect; Respond; and Recover, a new Govern section has also been added to ensure a robust strategic approach to cyber security is in place. A breakdown of the new areas of the framework is provided in the diagram below:

NIST | Griffiths & Armour

It is recommended that organisations review their cyber risk management arrangements against this new standard. Further information on the NIST Framework is available here.

Griffiths & Armour can conduct cyber insurance assessments in accordance with the NIST framework to aid the understanding of cyber risk exposure to inform the insurance risk transfer strategy. Further cyber risk and cyber incident response guidance supplemented by template policies and plan documentation plus e-learning is available via RMworks, which is available to all Griffiths & Armour clients.

For further information on how Griffiths & Armour can help support your organisation, please get in touch

Author

Greg Street

Risk Management Managing Director

Contact