We have published prior advisories concerning the development by the National Institute of Standards and Technology of a cybersecurity “Framework” intended to be adopted by owners of critical infrastructure to enhance the security of their information systems. A preliminary Framework was published by NIST last week. A formal, 45-day comment period on the preliminary Framework was announced in the Federal Register on October 29, 2013.
Written comments concerning the preliminary Framework may be sent to:
Information Technology Laboratory
ATTN: Adam Sedgewick
National Institute of Standards and Technology
100 Bureau Drive, Stop 8930
Gaithersburg, MD 20899–8930
Electronic comments concerning the preliminary Framework can be submitted in Microsoft Word or Excel formats to: firstname.lastname@example.org, with the e-mail subject line: Preliminary Cybersecurity Framework Comments.
All comments will be posted at: http://csrc.nist.gov/cyberframework/preliminary_framework_comments.html without change or redaction, so commenters should not include information they do not wish to be posted (e.g., personal or business information).
The preliminary Cybersecurity Framework is available electronically on the NIST website at: http://www.nist.gov/itl/upload/preliminary-cybersecurity-framework.pdf.