Pulse

By GCN Staff

Blog archive
Power plant

NIST to build cybersecurity framework, with your help

The federal government is seeking help from the public for ideas to boost cybersecurity measures for the nation’s critical infrastructure.

The National Institute of Standards and Technology has issued a request for information for what it calls the first step in the process to develop a Cybersecurity Framework.

The Cybersecurity Framework will be a set of voluntary standards and best practices to guide industry in reducing cyber risks to the networks and computers that support critical infrastructure vital to the nation's economy, security and daily life, according to the NIST announcement published in the Federal Register .

The RFI comes amid reports of widespread hacking attacks by China on U.S. and foreign institutions, as revealed by security firm Mandiant.

NIST is calling for ideas, recommendations and other input from critical infrastructure owners and operators, federal agencies, state and local governments, standards-setting organizations and other interested parties. It’s looking for information about current risk management practices; use of frameworks, standards, guidelines and best practices; specific industry practices; and more.

In announcing the initiative prior to releasing the RFI, NIST said it will use the input gathered to identify existing consensus standards, practices and procedures that have been effective and that can be adopted by industry to protect its digital information and infrastructure from the full range of cybersecurity threats.

The framework will not dictate “one-size-fits-all” solutions, but will instead enable innovation by providing guidance that is technology-neutral and recognizes the different needs and challenges within and among critical infrastructure sectors, NIST said.

President Barack Obama called for the framework to reduce cyber risks in a Feb. 12 Executive Order  on "Improving Critical Infrastructure Cybersecurity" for essential institutions such as power plants and financial, transportation and communications systems.

Stakeholder meetings are also a part of the framework process. The first meeting will be held April 3 at NIST headquarters in Gaithersburg, Md. Registration information is available here.

Comments are due by 5 p.m. Eastern Time on April 8, and should be e-mailed to [email protected] with the subject line: "Developing a Framework to Improve Critical Infrastructure Cybersecurity."

Posted by David Hubler on Feb 28, 2013 at 9:39 AM


Featured

  • Workforce
    Former vice-president Joe Biden formally launches his 2020 presidential campaign during a rally May 18, 2019, at Eakins Oval in Philadelphia. (Matt Smith Photographer/Shutterstock.com)

    Biden promises to undo Trump’s workforce policies

    Democratic candidate pledges to appropriate permanent funding to feds in case of another shutdown.

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.