Privacy & Cybersecurity Update: NIST Issues Request for Information on Critical Infrastructure Cybersecurity Practices

On February 26, following close on the heels of the recent executive order setting forth the administration’s approach to the regulation of critical infrastructure network security, the National Institute of Standards and Technology (NIST) released an initial public notice and request for information (the NIST Notice). The release of the NIST Notice is the first action in a year-long process through which NIST will develop the new voluntary framework for private sector critical infrastructure cybersecurity called for in the executive order (the Framework). The comments requested in the NIST Notice provide the first opportunity for private sector operators of critical infrastructure to provide direct input into the crafting of the Framework.

What Companies Are Affected?

The NIST Notice for the first time begins the task of empirically defining the set of critical infrastructure to be addressed in the Framework. In particular, NIST asks commenters for their input on infrastructure that supports their critical organizational assets and calls out five specific sectors upon which organizations may be relying:

• telecommunications;

• energy;

• financial services;

• water, and

• transportation.

Firms in those five sectors and in other sectors with the potential to be deemed “critical infrastructure” should pay close attention to the development of the Framework.

Please see full memorandum below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Written by:


Skadden, Arps, Slate, Meagher & Flom LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.