One of the notable changes found in the NIST Privacy Framework compared to its Cybersecurity Framework is the idea of "ecosystem risk." In this piece for Privacy Perspectives, Enterprivacy Consulting Group Principal and Trust Consultant R. Jason Cronk, CIPP/US, CIPM, CIPT, FIP, explores ecosystem risk within the framework and how it handles supply chain risk. "While the Privacy Framework does discuss the ecosystem as being broader than the supply chain, it doesn’t, in my view, sufficiently distinguish the two concepts and the potential implications of examining ecosystem risk," Cronk writes.
Full Story
Comments
If you want to comment on this post, you need to login.