Defense Department Chief Information Officer Dana Deasy downplayed the likely effectiveness of the National Institute of Standards and Technology developing a framework of standards on contractor and vendor cyber risks, arguing the issue is too broad and constantly changing to leave it to such an approach. "I believe this problem is more complicated than just establishing a NIST framework," Deasy said Oct. 1 at an Armed Forces Communications and Electronics Association event in Arlington, VA, in response to a question...
