Measuring What Matters: Reducing Risk by Rethinking How We Evaluate Cybersecurity
This 39 page document from SafeGov discusses how to reduce cybersecurity risk. According to the National Academy of Public Administration, the framework developed by SafeGov in this report “is an important step toward building a more dynamic, risk-based approach that will yield more robust protection from cyber threats across the government.” The framework uses an Organizational Cyber Risk Indicator to asses the risk of various agencies so they can counteract existing vulnerabilities. The report includes an Organization Cyber Risk Management Framework Overview, Recommendations, Benefits of the Framework, Challenges in Implementing a New Approach, and many other details of the framework.