Just how does the government expect us to do this on our own?


New member
If it’s practically impossible for a business to become NIST compliant on their own, how come the government doesn’t help more? I mean, it seems like this is a really difficult task.. Don’t THEY care about the security of their citizens’ data?
Last edited:


New member
I think NIST does a great job of outlining all of the “jobs to be done” to achieve compliance. However, I do think all of it is very technical. I advise hiring a cybersecurity and compliance professional to help navigate through the maze. It’s possible to prepare for NIST doing the bulk of the work yourself by writing and customizing your policies and procedures, mapping your security controls etc. but I do advise hiring a professional to conduct an assessment of what you’ve done and provide a detailed remediation plan.
$900 Gets You NIST Security + 23-Point SEO Checkup - Learn More