Most Feds Like NIST’s Cybersecurity Framework


Trump’s cybersecurity executive order directed all agencies to adopt the framework.

About 83 percent of federal employees and contractors said they support a governmentwide cybersecurity framework itemizing best practices, a survey found.

The National Institute of Standards and Technology’s Cybersecurity Framework, published in 2014, lists ways agencies can measure and manage their cyber hygiene and defines various technology terms including “authentication.” The document is periodically updated based on public input.

President Donald Trump’s cybersecurity executive order, signed in May, directed all agencies to adopt NIST’s cybersecurity framework.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

About 88 percent of respondents said they thought the framework “effectively helps organizations manage risk,” according to a survey conducted by Telos, a tech consulting firm. Telos processed about 250 responses to a survey conducted at the Amazon Web Services public sector summit in June.

About 63 percent of respondents also said they’d experienced an uptick in cyberattacks in the previous year.

But there’s still work to be done: 95 percent of respondents said they wanted a common set of standards to be used across government for cybersecurity.

And asked about which are the biggest challenges to cloud security compliance, almost half—46 percent—said it was too time-consuming. Forty-five percent said compliance was too complex.