NIST Seeks Feedback on Risk Assessment
DATA PROTECTION—U.S.September 23, 2011
The National Institute for Standards and Technology (NIST) is seeking comments on its "Guide for Conducting Risk Assessments." The guidance aims to help agencies assess risk within their IT systems and strengthen federal cybersecurity, InformationWeek reports. NIST describes assessment as one of four steps in agencies' general security risk management strategy, the report states, noting risk assessment helps thwart incidents before they can occur. A federal IT official testified to Congress this week that risk mitigation is a key feature to the government's future security measures, especially when it comes to cloud computing.