From: Pillsbury
Authors: C. Joël Van Over, Travis L. Mullaney
***
Recent Cybersecurity Initiatives and New Regulations
The President and designated agencies took swift action to invigorate and implement the Cybersecurity Act. On February 9, 2016, the President announced the implementation of a Cybersecurity National Action Plan (CNAP), the culmination of a seven-year effort to strengthen cybersecurity, and issued an Executive Order creating the Commission on Enhancing National Cybersecurity (the “Commission”) as a central feature of CNAP, within the Department of Commerce.6 On April 13, 2016, the President announced the members of the Commission, selected by the President and bipartisan Congressional leadership.7 The National Institute of Standards and Technology (NIST) and its National Cybersecurity Center of Excellence (NCCoE), also seated within the Department of Commerce, will provide significant resources to the Commission.8 NIST is currently publishing Federal Register Notices concerning monthly open meetings held by the Commission. The first meetings were held on April 14, 2016 in Washington DC, and May 6, 2016 in New York City, at the New York University Center for Law. Watch for upcoming NIST Notices of future open meetings held by the Commission.
NIST also awarded a $29M indefinite delivery/indefinite quantity contract to MITRE Corp. to support the NCCoE, and MITRE has published a Common Attack Pattern Enumeration and Classification resource, which will be helpful in establishing a common cyber threat vocabulary, as various agencies continue to implement guidance.9 The NCCoE provides another NIST resource, as one of NCCoE’s missions is to collaborate with industry to identify the nation’s most pressing cybersecurity issues, generate a detailed technical description of each issue, and work with technology vendors to develop a standards-based example solution to address those issues. This work will offer private companies both informal access to the planning process and also contracting opportunities to participate directly in this process.10
Leave a Reply