NIST seeks comments on Cybersecurity Framework

Robinson+Cole Data Privacy + Security Insider
Contact

The National Institute of Standards and Technology (NIST) developed and issued its voluntary “Framework for Improving Critical Infrastructure Cybersecurity” (Framework) in response to a 2013 Executive Order in February of 2014. It was developed in collaboration with industry, academia and state and federal government officials. It has been widely praised and used as a valuable tool for companies to assess and respond to cybersecurity risk in their organizations.

On December 11, 2015, NIST issued a Request for Information to receive feedback on the use of the Framework, including specific questions about:

  • the variety of ways in which the Framework is being used to improve cybersecurity risk management,
  • how best practices for using the Framework are being shared,
  • the relative value of different parts of the Framework,
  • the possible need for an update of the Framework, and
  • options for the long-term management of the Framework.

The comment period is from December 11, 2015 through February 9, 2016. Comments will be used to enhance the Framework and to assist with developing the agenda for a Framework workshop being planned for April 6 and 7, 2016 at NIST.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson+Cole Data Privacy + Security Insider | Attorney Advertising

Written by:

Robinson+Cole Data Privacy + Security Insider
Contact
more
less

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide