globe

Perspectives

Deloitte’s NIST capabilities

Helping you to adopt NIST frameworks

As technologies advance and cyber threats continue to grow in number and complexity, many organizations are turning to outside assistance to enhance safeguards around their sensitive data. Deloitte’s National Institute of Standards and Technology (NIST) capabilities provide a source for commercial entities that require or desire compliance or alignment with NIST-related standards. Our goal is to help create a homogenous level of quality for any NIST engagement. Our team of well-equipped professionals understands the commonalities between various standards that leverage NIST guidance.

Explore content

 

Hearing a lot about the Cybersecurity Maturity Model Certification (CMMC) and would like to learn more? 

Adoption of NIST frameworks and complying with related cybersecurity standards

Deloitte applies its experience and leading practices to assist organizations with NIST adoption and compliance with other cybersecurity frameworks.

The bottom line…

Various standards have been developed based on the NIST frameworks, and there are clear commonalities—instances where control and security requirements overlap from standard to standard.

Our skilled professionals can help your organization navigate these complex frameworks by providing the following:

  • Consultation on which standards are applicable to your organization
  • Gap analyses to identify enhancement areas within your information security architecture, as well as your operational environment
  • Readiness and assessment services for the different standards (Deloitte is an authorized FedRAMP Third-Party Assessment Organization)
  • Compliance roadmaps for the standard(s) applicable to your organization

earth telescope view

Endnotes

1 National Institute of Standards and Technology (NIST), "Cybersecurity Framework," https://www.nist.gov/cyberframework.

2 NIST Computer Security Resource Center, Security and Privacy Controls for Federal Information Systems and Organizations, April 2013, https://csrc.nist.gov/publications/detail/sp/800-53/rev-4/final.

3 US Department of Defense, Office of the Under Secretary of Defense for Acquisition & Sustainment, "Cybersecurity Maturity Model Certification," https://www.acq.osd.mil/cmmc.

Federal Risk and Authorization Management Program, "Documents," https://www.fedramp.gov/documents.

5 NIST Computer Security Resource Center, "FISMA Background," November 30, 2016, https://csrc.nist.gov/projects/risk-management/detailed-overview.

network

Let's talk

Akshay Dhawan
Senior manager
Deloitte Risk & Financial Advisory
Deloitte & Touche LLP
+1 703 251 4127

Keith Thompson
Senior manager
Deloitte Risk & Financial Advisory
Deloitte & Touche LLP
+1 703 405 3717

Louverture C. Jones
Senior manager
Deloitte Risk & Financial Advisory
Deloitte & Touche LLP
+1 305 808 2548

Curtis Stewart
Managing director
Deloitte Risk & Financial Advisory
Deloitte & Touche LLP
+1 703 251 1782

chemical bonding

Explore content

Did you find this useful?
Cyber Risk Services | Deloitte US

Deloitte Cyber & Strategic Risk offers a unified approach to help you tackle obstacles, build new capabilities, and move forward fast. Leverage our breadth and depth to transform your organization, wherever you are on your journey.

Cybersecurity in the defense industrial base

Evolving cybersecurity regulations for defense contractors