The National Institute of Standards and Technology is seeking comments on the agency’s draft guidance for financial services companies to track, manage and secure their information technology software and hardware systems.
NIST’s IT Asset Management guide also explains how commercial technology can help organizations locate and configure networked devices and applications, the agency said Monday.
“Following this guide will help organizations better manage their cybersecurity risk,” said Nate Lesser, deputy director at the NIST-run National Cybersecurity Center of Excellence.
“Identifying the scope of an organization’s risk is key to proper asset management, as reflected by ‘identify’ being the first function in the cybersecurity framework NIST developed for critical infrastructure,” Lesser added.
The guide offers instructions for the integration of separate data systems into a single IT asset management platform, as well as suggests best practices for security engineers.
NIST produced the document in collaboration with 10 technology vendors.