A recent survey by IT software company Tripwire showed 72 percent of security professionals believe the government should offer tax incentives to the private sector to encourage the adoption of the NIST cybersecurity framework.
NIST introduced the new cybersecurity framework last month after President Obama issued an executive order to develop risk-based standards for cybersecurity infrastructure and to develop a voluntary program to support adoption of the framework.
Dwayne Melancon, the CTO for Tripwire, said many private organizations will need “a ‘stick’ to motivate them” to adopt the framework.
“That said, there have been many discussions among private sector organizations regarding the possible use of the NIST cybersecurity framework as the ‘standard of care’ against which organizational security efforts will be measured,” Melancon said. “If corporate boards and lawyers get involved, in addition to a tax motivation, the resulting momentum could be enough to significantly change the adoption curve.”
Tripwire provides risk-based security and compliance management software, as well as security controls, including log and event management, security configuration management, vulnerability management and file integrity monitoring.