Panorays And Hysolate Comment On New NIST 1.0 Privacy Framework

The National Institute of Standards and Technology (NIST) just released its first version of its privacy framework, a tool to give organizations guidance on how to manage risks and be in compliance with new privacy laws.

Experts Comments

January 22, 2020
Dov Goldman
Director of Risk & Compliance
Panorays
With the enactment of far-reaching data privacy regulations like GDPR and CCPA, the new NIST Privacy Framework could not have come at a better time. The framework provides a canonical standard in language business managers understand. This will undoubtedly help companies organize their privacy processes so they can protect their customers' personal data and comply with regulations. The impact of this is analogous to the NIST Cybersecurity Framework, in that it provides a business-level guide of .....Read More
With the enactment of far-reaching data privacy regulations like GDPR and CCPA, the new NIST Privacy Framework could not have come at a better time. The framework provides a canonical standard in language business managers understand. This will undoubtedly help companies organize their privacy processes so they can protect their customers' personal data and comply with regulations. The impact of this is analogous to the NIST Cybersecurity Framework, in that it provides a business-level guide of how to do things right. As usual, privacy policies only work when they are part of an ongoing process of managing and collaborating with third parties, as the new NIST standard makes clear. Therefore, companies should be sure to put in place a comprehensive third-party cyber risk process that also considers compliance with privacy regulations.  Read Less
January 22, 2020
Marc Gaffan
CEO
Hysolate
Cybersecurity and privacy are merging closer together, especially as we see the introduction and enforcement of regulations like GDPR and CCPA. It's great to see frameworks like NIST help organizations map out the areas of potential risk as it relates both to privacy and cybersecurity. Organizations should follow such a framework to manage and mitigate risk, but remember that it takes time to check all of the boxes. It's important to identify the biggest, and most critical gaps first, and then.....Read More
Cybersecurity and privacy are merging closer together, especially as we see the introduction and enforcement of regulations like GDPR and CCPA. It's great to see frameworks like NIST help organizations map out the areas of potential risk as it relates both to privacy and cybersecurity. Organizations should follow such a framework to manage and mitigate risk, but remember that it takes time to check all of the boxes. It's important to identify the biggest, and most critical gaps first, and then address less critical gaps down the road.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.