NIST proposes model to assess cybersecurity investment strategies in network security

From zdnet.com

Using NIST SP 800-53 vs. NIST 800-171 in a FISMA Audit

NIST and university researchers have proposed a new computational model for assessing cybersecurity costs in network protection.

Today’s corporate networks often provide a vast attack surface including Internet of Things (IoT) devices, mobile products, remote work tools, on-prem and off-prem services, and cloud systems. 

It may be a challenge for businesses to work out what the most important areas are in terms of cybersecurity investment, but a new computational model could take out some of the guesswork. 

Read more…