Skip to main content

Boston Discussion - NIST Framework - March 25

NIST Framework:  How to Best Mitigate Cyber Risk for Your Organization

The National Institute of Standards and Technology (NIST) last month released its final Cybersecurity Framework. Developed under an executive order from President Obama with extensive input and feedback from industry security professionals, the new NIST framework is designed to help companies in the financial services, communications, energy, transportation, healthcare, and other critical infrastructure sectors identify their cybersecurity risks and develop effective programs to prevent and respond to attacks.

With the threats facing even the largest companies highlighted by recent disclosures by Target, Neiman Marcus, and others that the security of millions of customer credit and debit cards has been compromised, companies of all types are taking a closer look at what they can do to mitigate their risks and protect their customers and suppliers. In addition, agencies including the SEC, FTC, Defense Department, and GSA are paying increased attention to companies’ cyber vulnerabilities.

On March 25, we will be hosting a panel discussion in our Boston office, and we’ll look at the Cybersecurity Framework’s recommendations and how you can use them to assess and improve your organization’s security practices. Our speakers have been actively involved in the development of the NIST framework and private sector cybersecurity policy. You won’t want to miss their insights into the framework’s key elements and the most effective approaches for developing a program that best suits your individual organization’s risks and circumstances.

Topics will include:

  • An update on cybersecurity legislative policies
  • The NIST Cybersecurity Framework and federal regulatory initiatives affecting government and private sector suppliers
  • Recent developments in the SEC's approach to disclosure of cybersecurity threats for public companies
  • The current state of the market for cybersecurity insurance and considerations for potential insureds

Subscribe To Viewpoints


Cynthia J. Larose

Member / Co-Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.