Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

NIST Cybersecurity Framework Adoption Linked to Higher Security Confidence According to New Research from Tenable Network Security

March 29, 2016

Columbia, MD

More organizations plan to adopt the NIST Cybersecurity Framework in the next 12 months than any other IT security framework, yet many struggle to implement the full range of best practices

Tenable Network Security, Inc., a global leader transforming security technology for the business needs of tomorrow, revealed today that overall security confidence was higher for organizations leveraging the U.S. National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework), according to findings from the Trends in Security Framework Adoption Survey (PDF).

The survey tallied responses from more than 300 U.S. security professionals from organizations of all sizes across key industry verticals to better understand the adoption patterns of the top security frameworks. While 84 percent of survey respondents reported using at least one security framework, 16 percent still do not leverage any security framework. According to survey data, the NIST Cybersecurity Framework is the most likely security framework to be adopted by organizations over the next year.

“Historically, CISOs have been hesitant to take full advantage of the NIST Cybersecurity Framework because of a high investment requirement and a lack of regulatory mandate,” said Ron Gula, CEO, Tenable Network Security. “This is changing as organizations begin to shift their mindset from moment-in-time compliance with frameworks like PCI DSS to continuous conformance with the NIST Cybersecurity Framework.”

Despite 70 percent of respondents praising the NIST Cybersecurity Framework as an industry best practice, more than 50 percent of current and future adopters said the level of investment needed in order to fully conform with the framework was high.

The lack of regulatory requirement and high perceived investment means many organizations that have already adopted the NIST Cybersecurity Framework do not implement all of its recommendations. Sixty-four percent of respondents from organizations currently using the NIST CSF reported implementing some of the NIST recommended controls, but not all of them. Similarly, 83 percent of organizations that plan to adopt the NIST Cybersecurity Framework in the next year said they will adopt some, but not all of the NIST Cybersecurity Framework controls.

To make it easier for companies and government organizations to adopt and benefit from the NIST Cybersecurity Framework, Tenable recently introduced its NIST CSF solution, which includes the industry’s first and only NIST CSF dashboards, in Tenable’s SecurityCenter Continuous View™.

“The NIST Cybersecurity Framework is one of the most thorough and reliable cybersecurity frameworks available, but it can be challenging for CISOs to conform to these standards all the time,” said Gula. “Tenable’s NIST Cybersecurity Framework solution helps automate and simplify NIST framework adoption, giving organizations the complete visibility and critical context needed to continuously conform to NIST best practices.”

For more information on how organizations can automate the assessment and operation of more than 90 percent of NIST Cybersecurity Framework technical controls to measure conformance across the entire IT environment, visit tenable.com/solutions/nist-cybersecurity-framework.

To further explore the automation and measurement capabilities of Tenable’s NIST CSF dashboards, register for the upcoming webinar,  “Automate Simplify and Communicate NIST CSF Conformance,” at 2 p.m. ET on April 8, 2016.

Original research for the Trends in Security Framework Adoption Survey was commissioned by Tenable and conducted by Dimensional Research, a market research firm providing practical insights for technology companies. To view or download an executive summary of the research findings, visit tenable.com/marketing/tenable-csf-report.pdf.

Stay up to date!

Subscribe to our email alerts for new press releases.

Subscribe for press release updates

Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.