A new study by Tenable Network Security indicates a high level of confidence among organizations in the cybersecurity framework of the National Institute of Standards and Technology.
The NIST Cybersecurity Framework is the preferred security framework for 70 percent of the respondents in Tenable’s Trends in Security Framework Adoption Survey, the company said Tuesday.
Tenable also reveals in the study that at least 50 percent of respondents believe the adoption of the framework requires a high level of investment.
“Historically, [chief information security officers] have been hesitant to take full advantage of the NIST cybersecurity framework because of a high investment requirement and a lack of regulatory mandate,” said Tenable CEO Ron Gula.
“This is changing as organizations begin to shift their mindset from moment-in-time compliance with frameworks like PCI DSS to continuous conformance with the NIST cybersecurity framework,” Gula added.
Market research firm Dimensional Research conducted the survey of more than 300 U.S. security professionals to gauge the adoption patterns of security frameworks.
The survey also points to organizations currently implementing or planning to implement only some of the NIST framework’s technical controls.
Tenable said its SecurityCenter Continuous View product works to automate NIST framework adoption by providing visibility into the IT environment.