NIST CSF Gains Traction Among Security Leaders But Not Without Challenges

Sixty Percent of Survey Respondents say they can’t take timely actions derived from NIST CSF findings

July 26, 2017 |Secaucus, NJ – Rsam, a leader in governance, risk and compliance (GRC) enterprise software solutions, recently surveyed practitioners regarding adoption of the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). The framework, introduced several years ago, is quickly becoming one of the world’s de facto security standards, yet organizations are struggling to implement it.

It appears some of the struggle stems from not having an overarching automated risk and compliance program in place. Many organizations still rely on manual processes and manage separate data silos. Therefore, they can’t confidently and rapidly respond to security incidents, making it difficult to successfully implement NIST CSF.

More than 500 risk and compliance leaders registered for an Rsam webinar last week to learn about this important topic. A survey of the webinar attendees highlights the situation:

  • 87% said they plan to incorporate NIST CSF into their risk and compliance strategy
  • More than 50% of respondents felt they weren’t able to satisfactorily report on their corporate alignment to NIST CSF
  • 60% said they weren’t able to take timely actions derived from NIST CSF findings
  • On a scale of 1 to 10, respondents were asked to rate how much of their Cybersecurity program they’re able to automate with 1 being manual and 10 being fully automated; Only 8% rated their automation above a 6

Listen to an on-demand version of the webinar here.

About Rsam

Rsam is the fastest time-to-value and most flexible GRC, Vendor Risk Management and Security Operations, Analytics & Reporting (SOAR) platform provider. Our enterprise software platform uses a relational architecture and captures data in a single, centralized repository. Unlike other systems, we don’t hard-wire dependencies based on requirements that may be outdated before implementation even begins. Instead, the Rsam platform is built to adapt and put the user in control. Gone are the days of endlessly retrofitting a solution or failing to get it off the ground. With Rsam, you can have a baseline up and running in 30 days and iterate from there. Learn more at

Rsam Media Contact:
Julie Preiss
201-875-3456 x 148


Eric Goldberg| July 26, 2017