Editor’s Note: NIST’s webpage for the Framework is here. The direct link to the Preliminary Cybersecurity Framework is here. The link to the Alternative View-Apendix A – Framework Core Informative References is here and the NIST Comment Template is here. The NIST Federal Register notice seeking comment is available here. The following is from thr FR Notice.
Given the diversity of sectors in critical infrastructure, the Framework development process was designed to initially identify cross-sector security standards and guidelines that are immediately applicable or likely to be applicable to critical infrastructure, to increase visibility and adoption of those standards and guidelines, and to find potential areas for improvement (i.e., where standards/guidelines are nonexistent or where existing standards/guidelines are inadequate) that need to be addressed through future collaboration with industry and industry-led standards bodies. The Cybersecurity Framework will incorporate voluntary consensus standards and industry best practices to the fullest extent possible and will be consistent with voluntary international consensus-based standards when such international standards advance the objectives of the Executive Order.
Leave a Reply