NIST Releases Draft Cybersecurity Framework for Public Comment
Nov 12, 2013
On October 29, 2013, the National Institute of Standards and Technology (NIST) announced a 45-day public comment period on the release of its preliminary Cybersecurity Framework, which was developed in response to President Barack Obama’s Cybersecurity Executive Order 13636 published in February 2013. Stakeholders have until December 13 to submit their comments to NIST, and the final framework is expected to be published in February 2014, according to the deadlines established in the Executive Order.
The framework was developed in collaboration with industry in an effort to provide guidance to an organization on managing cybersecurity risk. According to the draft document, a key objective of the framework is to encourage organizations to consider cybersecurity risk as a priority similar to financial, safety, and operational risk while factoring in larger systemic risks inherent to critical infrastructure. To view the draft framework, visit this link.
After the final framework is released, the White House plans to create a voluntary program to help encourage critical infrastructure companies to adopt it. This includes developing incentives for companies to join the program. Incentives under consideration include promoting the development of cybersecurity insurance, leveraging federal grant programs, prioritizing technical assistance, reducing tort liability, providing regulatory relief and public recognition, and emphasizing research and development.
The Washington Policy Brief is an online advisory that contains brief summaries of recent legislative and regulatory issues that may affect the records and information management profession. Further information about the issue is accessed by clicking on the link provided at the end of each summary.
Want to sign up to receive an e-mail version of the Washington Policy Brief? It's free! Just tell us a little about yourself and you'll receive a monthly dose of the latest in legislation, regulation, and more.