Reduce Cybersecurity Risk with New Self-Assessment Tool from NIST

​Organizations looking to better understand the effectiveness of their cybersecurity efforts may be interested in a new tool from the National Institute of Standards and Technology (NIST). NIST says the Baldrige Cybersecurity Excellence Builder blends the organizational performance evaluation strategies of the Baldrige Performance Excellence Program with the risk management mechanism of its Cybersecurity Framework. NIST says the self-assessment tool can help organizations determine which cybersecurity-related activities are important to their business strategy; prioritize investments in managing cybersecurity risk; determine how to best enable employees, customers, suppliers, partners, and collaborators to be aware of cybersecurity risk and fulfill their roles and responsibilities; assess the effectiveness and efficiency of cybersecurity standards, guidelines, and practices; assess results from cybersecurity efforts; and identify priority areas for improvements. NIST says the tool is "not a one-size-fits-all approach" and can be adapted and scaled to fit an organization's needs and goals. NIST will accept comments on the draft tool until December 15, 2016, at baldrigecybersecurity@nist.gov.