Do we need a new standard for network testing and security?

This question was posed by a Forbes Technology Council member, who points out that with the increase in devices connected to networks, cybersecurity has become part of the role of every C-level executive, staff member and third-party vendor in helping to manage the risk of data exposure. This also means that IT teams must shift from focusing strictly on locking down the perimeter to regular outside testing and ongoing mitigation of the vulnerabilities discovered. His proposed solution is the development of a universal framework of internationally recognized standards and processes for network risk.

We help our clients and Resellers use the NIST Cyber Security Framework (CSF) or International Standards Organization (ISO) to do this. By aligning to a recognized framework, organizations can not only identify holes in their current controls, processes or policies, but also achieve compliance and receive an attestation from a third-party auditor like Foresite, which can be shared with stakeholders to show that they are addressing cybersecurity concerns. These attestations are widely accepted in lieu of completing individual questionnaires from each customer.

What do you think? Are the current guidelines sufficient, or do we need a new universal standard?

Tracy Fox