Government Contracts Monitor

NIST Releases Preliminary Cybersecurity Framework and Seeks Public Comments

October 25, 2013

As previously reported here, President Obama issued an Executive Order on Improving Critical Infrastructure Cybersecurity which, among other things, directed the National Institute of Standards and Technology (“NIST”) to a develop a Cybersecurity Framework that would reduce cyber risks to the nation’s critical infrastructure. NIST recently released its Preliminary Cybersecurity Framework in response to this Order and is seeking public comments.

The Framework consists of standards, guidelines, and best practices to promote the protection of critical infrastructure. NIST hopes that the prioritized, flexible, repeatable, and cost-effective approach of the Framework will help owners and operators of critical infrastructure manage cybersecurity-related risks while protecting business confidentiality as well as individual privacy and civil liberties. The Framework is intended to serve as a guide for organizations to improve existing cybersecurity programs or to create a cybersecurity program if they don’t already have one in place. NIST is seeking public comments on the Preliminary Framework and intends to incorporate suggestions and comments into the Final Framework set for release in February 2014. For more information about the Framework and how to submit comments, click here.

Katie Calogero is the attorney responsible for the content of this article.