NIST Seeks Input for New Cybersecurity Framework

Mar 07, 2013

Last week, cybersecurity professionals from around the globe gathered at the highly attended RSA 2013 Conference to share new insights, innovations and best practices when it comes to protection of our nation’s infrastructure.

While the event is typically focuses on the commercial sector, this year government played a significant role, which is not a surprise given the key challenges that our government faces when it comes to cybersecurity.

Leveraging the momentum from the event, the Obama Administration announced that NIST had officially issued a request for information for the development of its Cybersecurity Framework.

This new Framework is a set of voluntary standards to guide industry in reducing cyber risks to the networks that support critical infrastructure.  NIST is looking to gather direct feedback from industry experts, as well as other government agencies.

Here’s an excerpt from the NIST RFI:

This RFI requests information to help identify, refine, and guide the many interrelated considerations, challenges, and efforts needed to develop the Framework. In developing the Cybersecurity Framework, NIST will consult with the Secretary of Homeland Security, the National Security Agency, Sector-Specific Agencies and other interested agencies including the Office of Management and Budget, owners and operators of critical infrastructure, and other stakeholders including other relevant agencies, independent regulatory agencies, State, local, territorial and tribal governments.

Further reinforcing this collaborative approach, members of the Administration spoke on various panels at the event.   “We’re in this together, both government and industry. We need your help,” Andy Ozment, a senior director of cybersecurity at the White House, said during a Thursday panel as covered by The Hill.

Private-public partnerships and collaboration efforts are vital to the success of our nation’s cybersecurity strategies.  We are all in this together and we collectively need to develop the right framework for mitigating the increasing amount of cyber attacks aimed at our nation.