Peter Kim, the Air Force's chief information security officer, said Wednesday the service will look at ways to give airmen more flexibility within the Risk Management Framework while the Air Force begins a sweeping review of its guidance. "From my perspective, the RMF framework, although it's a good framework . . . at the lowest levels, they've become crippled in doing every piece of control under the [National Institute of Standards and Technology] cybersecurity framework because they haven't been told...
