HOUSTON, Sept. 25, 2019 /PRNewswire-PRWeb/ -- Information Shield - a leading provider of cyber security compliance software – today announced a new Compliance Template for the US Cyber Security Framework. This new template dramatically reduces the time and cost of building and validating an information security program that addresses the US Cyber Security Framework (US-CSF).
"Many small and medium business are adopting the CSF as a basis for cyber security," said David Lineman, CEO of Information Shield. "However, in practice, translating the CSF requirements into meaningful program elements is challenging. Leveraging our ComplianceShield platform, organizations can replace weeks of manual effort building a cyber security program that addresses all NIST CSF requirements."
Challenges Using the NIST CSF
While the NIST CSF is often referenced as a solution for "small" non-government organizations, it still presents many practical challenges. Effective US-CSF compliance requires a full suite of compliance documentation and program management that most SMB organizations do not have. For example, to achieve "Tier 3" implementation, organizations must be able to demonstrate a repeatable set of cyber practices driven by written security policies.
ComplianceShield helps address all of these issues by providing a compliance automation program supported by our Common Control Library (CCL).
The following features enable organizations to streamline US-CSF maturity:
1. Complete NIST CSF Security Policy Library - The US-CSF requires organizations to adopt a complete set of written security policies that are approved by management. Include: program governance (GV), asset classification and management (ID); identity and access controls (AC); business continuity planning (RC); and many more.
2. US-CSF Control Library Template - The new Baseline Template translates the US-CSF into a specific set of common cyber controls that can be tracked, implemented and validated.
3. Compliance Management Platform – The CSF requires "risk informed" decisions that require a formally managed program. ComplianceShield enables full accountability for cyber program management in a simple, streamlined platform.
4. Secure Information Sharing – ComplianceShield enables secure sharing of control and compliance evidence with third-parties.
5. Vendor Risk Management – ComplianceShield contains policies, templates and automation for supply chain risk management.
A free trial of ComplianceShield is available by registering at the Information Shield web site.
SOURCE Information Shield