Written by: on: 18 Apr 2024

Cyber Risk | Griffiths & Armour

New Cyber Risk Standard from NIST

The National Institute of Standards and Technology (NIST) have recently released a new version of its world-renowned cyber security framework. The framework, which was originally developed in 2014, is designed to assist organisations to improve their cyber security maturity by improving their management of IT security risks and enhancing protection against cyber threats. The new standard draws upon feedback on the previous framework and takes account of emerging threats and technologies to ensure it remains relevant in the modern cyber security environment. As a result, there is a greater focus on cloud security, supply chain risks, and the threats associated with artificial intelligence, the Internet of Things (IoT) and identity-based threats.

In addition to updating the original five key areas of the previous version of the standard namely: Identify; Protect; Detect; Respond; and Recover, a new Govern section has also been added to ensure a robust strategic approach to cyber security is in place. A breakdown of the new areas of the framework is provided in the diagram below:

Cyber Security Framework | Griffiths & Armour

It is recommended that organisations review their cyber risk management arrangements against this new standard. Further information on the NIST Framework is available here.

Griffiths & Armour can conduct cyber insurance assessments in accordance with the NIST framework to aid the understanding of cyber risk exposure to inform the insurance risk transfer strategy. Further cyber risk and cyber incident response guidance supplemented by template policies and plan documentation plus e-learning is available via RMworks, which is available to all Griffiths & Armour clients. Further information on RMworks is available here.

Reach out to the author to discover the Griffiths & Armour difference

Greg Street | Griffiths & Armour
  • Risk management We identify, manage and support you to reduce risks.
  • Leading insight We share claims intelligence and the effect new laws or legislation have on your policies.
  • Claims management If you need to claim you’ll get immediate support and effective resolution.
  • Trusted We are trusted risks advisors to professional institutes and trade associations.