Cybersecurity Framework Metrics Working Group

Overview
The Commission on Enhancing National Cybersecurity proposed that the National Institute of Standards and Technology (NIST) build on its Cybersecurity Framework and establish a Cybersecurity Framework Metrics Working Group (CFMWG) to develop industry-led, consensus-based metrics that industry can use to voluntarily assess relative corporate risk, help government and insurers to understand insurance coverage needs and standardize premiums, and implement a nationwide voluntary incident reporting program for identifying cyber gaps.