SECAUCUS, N.J., Sept. 14, 2017 (GLOBE NEWSWIRE) -- Rsam, a leader in governance, risk and compliance (GRC) enterprise software solutions, today released the results of a recent study it conducted with more than 150 security practitioners on their adoption plans for the NIST Cybersecurity Framework (CSF).
The company surveyed IT security professionals during a recent NIST CSF discussion about a range of factors that contributed to their ability or inability to successfully implement the framework. The findings showed that organizations are paying attention to the NIST CSF, and using it as a guideline for budget allocation and measurement of their success as an organization:
At the same time, the survey found that automation and staffing challenges remain key barriers to broader adoption:
“We talk to information security leaders every day who express common challenges regarding implementing NIST CSF,” said Vivek Shivananda, CEO and Co-Founder of Rsam. “A central theme seems to be the struggle to put an overarching automated risk and compliance program in place, that can be looked at through the lens of NIST CSF and other frameworks. Even today, many organizations still rely on manual processes and manage separate data silos. This limits their ability to confidently report on their state of cybersecurity readiness to their Board and rapidly respond to security incidents.”
The NIST CSF is designed to help organizations reduce and better manage cybersecurity risks. The framework applies the principles and best practices of risk management to improve the security and resilience of critical infrastructure by assembling standards, guidelines, and practices that are working effectively in industry today. However, the Framework is not one-size-fits-all: organizations have unique risks – different threats, different vulnerabilities, different risk tolerances – and how they implement the Framework varies. In addition, security teams may track different activities in spreadsheets or in homegrown systems, without a practical and automated way to implement the framework and get a holistic view of how their organization is performing against NIST CSF.
Rsam is working to address this with a practical implementation platform that is based on 14 years of experience and hundreds of risk and compliance implementations. Using the Rsam platform, organizations can blend the three fundamental elements of the Framework (Core, Profile and Implementation Tiers) into a singular view in which businesses can determine their progress and build a strategic security plan. Rsam also introduces predictability into the process. Organizations can measure where they are in their maturity, where they want to be and how long it will take to get there.
For more information about Rsam visit www.rsam.com.
About Rsam
Rsam is the fastest time-to-value and most flexible GRC, Vendor Risk Management and Security Operations, Analytics & Reporting (SOAR) platform provider. Our enterprise software platform uses a relational architecture and captures data in a single, centralized repository. Unlike other systems, we don’t hard-wire dependencies based on requirements that may be outdated before implementation even begins. Instead, the Rsam platform is built to adapt and put the user in control. Gone are the days of endlessly retrofitting a solution or failing to get it off the ground. With Rsam, you can have a baseline up and running in 30 days and iterate from there. Learn more at www.Rsam.com.