The Baldrige Performance Excellence Program, a public-private partnership dedicated to raising awareness about the importance of performance excellence in driving the U.S. and global economy and providing organizational assessment tools and criteria, has announced that it is partnering with the Applied Cybersecurity Division of the National Institute of Standards and Technology (NIST) to develop a cybersecurity tool based on the Baldrige Program and aligned with NIST’s cybersecurity framework.
Baldrige Cybersecurity Excellence Builder
In a blog post on the official Baldrige blog, Baldrige Program Director Bob Fangmeyer announced the development of the new self-assessment tool, the Baldrige Cybersecurity Excellence Builder. According to Fangmeyer, the Baldrige Program and the NIST Applied Cybersecurity Division have been working with the office of U.S. Chief Information Officer Tony Scott and a cross-section of industry participants in a working group for the past six months, exploring the need for a Baldrige-based cybersecurity initiative.
The Baldrige Cybersecurity Excellence Builder cybersecurity tool is the first step in this initiative. This self-assessment tool will allow organizations to understand the effectiveness of their cybersecurity risk management efforts and identify opportunities for improvement.
Cybersecurity Tool to use NIST Framework
The Baldrige Cybersecurity Excellence Builder will be aligned with NIST’s Framework for Improving Critical Infrastructure Cybersecurity, which was developed to help organizations understand the requirements for a robust cybersecurity risk-management program.
“NIST’s efforts to couple the proven processes and value of the Baldrige Program with the increasingly popular Cybersecurity Framework will be voluntary and private sector-driven,” said Willie E. May, Under Secretary of Commerce for Standards and Technology and Director of NIST, about the partnership. “We will measure this initiative’s success by its usefulness to companies and other organizations in strengthening their cybersecurity risk management. The goal is to help organizations get even greater value from the Cybersecurity Framework by providing a way to assess and guide their cybersecurity risk management.”
A draft of the Baldrige Cybersecurity Excellence Builder is expected by fall 2016. Learn more at the NIST website, www.nist.gov.