A new blog post from the Federal Trade Commission provides guidance to businesses on how the cybersecurity framework created by the National Institute for Standards and Technology (NIST) aligns with the FTC’s data security program.
The post outlines the key elements of the NIST framework and how it relates to the FTC’s long-standing approach to data security. It notes that the framework is not a checklist, but rather a method by which a company can identify risks and adjust its security efforts accordingly to ensure they are as effective as possible, which is consistent with the FTC’s focus on reasonable data security.
The blog also highlights various FTC enforcement cases in which the security problems alleged in the complaint mirror concerns addressed in the NIST framework. The blog post concludes that applying both the risk management approach presented by the framework and the FTC’s Start with Security guidance will lead to businesses providing more robust protections for consumers’ data.
The Federal Trade Commission works to promote competition, and protect and educate consumers. You can learn more about consumer topics and file a consumer complaint online or by calling 1-877-FTC-HELP (382-4357). Like the FTC on Facebook, follow us on Twitter, read our blogs and subscribe to press releases for the latest FTC news and resources.
WASHINGTON—The Office of the Comptroller of the Currency (OCC) today published its 2024 Annual Report.…
WASHINGTON—The Office of the Comptroller of the Currency (OCC) today released enforcement actions taken against…
WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned…
WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) is…
WASHINGTON — Today, the United States Department of the Treasury is imposing sanctions on four…
WASHINGTON – Today, the U.S. Department of the Treasury (Treasury) released a report following the issuance of…