A new blog post from the Federal Trade Commission provides guidance to businesses on how the cybersecurity framework created by the National Institute for Standards and Technology (NIST) aligns with the FTC’s data security program.
The post outlines the key elements of the NIST framework and how it relates to the FTC’s long-standing approach to data security. It notes that the framework is not a checklist, but rather a method by which a company can identify risks and adjust its security efforts accordingly to ensure they are as effective as possible, which is consistent with the FTC’s focus on reasonable data security.
The blog also highlights various FTC enforcement cases in which the security problems alleged in the complaint mirror concerns addressed in the NIST framework. The blog post concludes that applying both the risk management approach presented by the framework and the FTC’s Start with Security guidance will lead to businesses providing more robust protections for consumers’ data.
The Federal Trade Commission works to promote competition, and protect and educate consumers. You can learn more about consumer topics and file a consumer complaint online or by calling 1-877-FTC-HELP (382-4357). Like the FTC on Facebook, follow us on Twitter, read our blogs and subscribe to press releases for the latest FTC news and resources.
As Prepared for DeliveryChairman Smith, Ranking Member Neal, and Members of the Committee: Thank you…
As Prepared for DeliveryThank you very much to ACI for inviting me here today. I’m…
The Biden-Harris Administration Announces Upcoming $6 Billion Tax Credit Allocation Round to Build Clean Energy…
WASHINGTON – This week, the U.S. Department of the Treasury’s Federal Insurance Office (FIO) hosted…
140,803 Taxpayers Filed Their Taxes Directly with the IRS for Free as users claimed more…
WASHINGTON—Acting Comptroller of the Currency Michael J. Hsu today issued the following statement at the…