Jump to content

framework that is most demand?

Recommended Posts

Which of the many information security frameworks is in most demand from companies and other organizations in the US?


Which of the information security frameworks is the shortage of implementation planners greatest? 



Share this post

Link to post
Share on other sites

From my experience, most organization use Frameworks as they align to their sector.  For example, retailers are concerned with PCI whereas individuals in the Energy sector are more interested with CIP and other sector specific regulations.  These regulation tend to drive security frameworks for their organization.  However, this approach tends to lend itself to compliance for the sake of complying with a regulation vice compliance to provide security.  The Cybersecurity Framework when used as a Framework is becoming more of a translator from good security practices to regulatory requirements.   Organization that use the Cybersecurity Framework to develop a risk informed cybersecurity program can use the Framework to demonstrate how they are complying with a multitude of regulations without having to implement a separate security program.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now