Here are some statistics that show how the growing interest in NIST’s Cybersecurity Framework.
2024 – HyperProof‘s 2024 IT Risk Compliance Benchmark Report
- 40% of survey respondents based in the US use NIST CSF.
- NIST CSF was the most commonly used framework by the technology industry.
2018 – Tenable’s Trends in Cybersecurity Frameworks and Foundational Controls report:
- NIST CSF was the only framework with increased adoption in the report
- Around 54% have adopted multiple frameworks.
2017 – RSAM’s (now Diligent) survey of IT security professionals1
- 71% of individuals indicated that they use or are planning to use the NIST CSF to determine where their cyber security budget should be allocated.
- More than 70% indicated it was important or very important for their organization to tie key risk and performance indicators to NIST CSF.
2016 – Tenable’s Trends in Cybersecurity Frameworks and Foundational Controls report:
- NIST CSF did not even show up in the report. ISO 27001 was the most popular framework.
- Interestingly, 44% of respondents reported using more than one security framework
And here is Google Trends showing the increasing interest in the term NIST CSF based on search history.
- Unfortunately, I could not locate the original report link. ↩︎
Pingback: SAP achieves NIST CSF Tier 3 – allaboutgrc
Pingback: NIST CSF 2.0 Maturity Assessment – allaboutgrc