NIST Solicits Feedback on Industry Adoption of Cybersecurity Framework

The National Institute of Standards and Technology Aug. 26 launched a 45-day comment period on the private sector’s experience so far with using the agency’s cybersecurity framework (79 Fed. Reg. 50,891, 8/26/14).

The information gathered by NIST through a request for information published in the Federal Register will affect the agency’s decisions about possible tools and resources to help organizations use the framework more effectively, according to an Aug. 22 statement by NIST.

“We’ve seen organizations approach the framework in different ways,” NIST Senior Policy Analyst Adam Sedgewick said in the NIST statement. “Some are using it to start conversations within their organizations or across their sectors, others to create detailed cyber risk management plans. We want to hear from all stakeholders to understand how they’ve used the framework, how it’s been helpful, and where challenges may lie.”

Broad Adoption Envisioned

An executive order signed by President Barack Obama in 2013 required NIST, a division of the Department of Commerce, to develop a framework consisting of voluntary cybersecurity best practices for U.S. “critical infrastructure” sectors, such as banks and telecommunications providers.

In February, NIST issued a final framework, and the Department of Homeland Security set up a new program to assist interested companies with implementation.

Although the framework is focused on the nation’s critical infrastructure, it is designed to improve cybersecurity practices across all industries and by all types of organizations, according to the request for information. The framework is intended for voluntary industry adoption, although it was crafted to be compatible with existing regulatory authorities and regulations, NIST said.

In addition to helping NIST with considering new tools and resources, responses to the request for information are also expected to frame the discussion at a cybersecurity framework workshop that is scheduled to be held by the agency Oct. 29-30 in Tampa, Fla. Comments will also inform the DHS program, NIST said.

Bloomberg Business Law.

You might also like
Professional Services

Oil rig as vessel under the cabotage act 2003 and the cabotage amendment bill 2016

Professional Services

NBA President gets bail in the sum of N250 million

Professional Services

We are ready to prosecute Buhari at the ICC – Femi Falana

Professional Services

The role of supply chain management in national and corporate competitiveness