IBM’s Dan Chenok: NIST Frameworks, Guidance Could Help Agencies Manage Cyber Risks

Dan Chenok
Dan Chenok

Dan Chenok, executive director of the IBM Center for the Business of Government, wrote in a commentary published Thursday on FCW that frameworks and other resources from the National Institute of Standards and Technology provide government agencies a “strong road map” towards improving their cybersecurity posture.

Chenok cited NIST’s Cybersecurity Framework and the Risk Management Framework, which advances the implementation of continuous monitoring processes, use of automation and integration of information security into the enterprise architecture.

“In addition to the guidance contained in the Risk Management Framework, NIST has published two additional documents — NIST SP 800-39 and NIST SP 800-30 — that emphasize the need for integrated organization-wide risk management and risk assessments,” he wrote.

In addition to NIST resources, Chenok described the PRISM model in a 2018 IBM Center report and how it could help agencies manage cyber risks.

“The model helps agencies begin by prioritizing risk drivers and interdependencies, and linking cybersecurity goals to mission and operational objectives,” he said of PRISM. “The model can also assist agencies in communicating return on security investments to mitigate cyber risks.”

He also mentioned the importance of risk management and information security to public sector entities.

You may also be interested in...


Nuxeo Obtains HITRUST CSF Certified Status for Content Mgmt Suite

The Health Information Trust Alliance has granted Nuxeo certified status for information security for its cloud-based content management tool offered through the Amazon Web Services platform.

Gremlins Dynetics

Dynetics Concludes Third Flight Test of Gremlins UAV for DARPA

A Dynetics-made unmanned aerial vehicle demonstrated autonomous and manual safety behaviors in a test flight series for the Defense Advanced Research Projects Agency. The Gremlins Air Vehicle, with its corresponding recovery system, performed seven hours of flight in November, at Utah-based Dugway Proving Ground, Dynetics, a Leidos subsidiary, said Wednesday.


HHS Taps Medallia to Help Augment Customer Experience in Health Services

Medallia will deliver user experience technology to help the Department of Health and Human Services address health-related public sector issues and augment key services for HHS customers. The company said Thursday it offers a government-tailored platform that helps agencies determine how to improve citizen experience based on feedback data.