Cybersecurity Risk,” and the notions of risk and asset value in statements like “commensurate with the risk and magnitude of the harm,” and the sections on “Support to Critical Infrastructure at Greatest Risk” and “Assessment of Electricity Disruption Incident Response Capabilities.” This risk based approach encourages agencies to prioritize risks to their most important missions vs. only focusing on technical prescriptions like vulnerability scanning or the such.
Read full news article on SecurityWeek