Today the National Institute of Standards and Technology (NIST) and the National Telecommunications and Information Administration (NTIA) co-published a notice of inquiry in the Federal Register (78 FR 18954-18955) looking for information to support the development of incentives to adopt the improved cybersecurity practices to be developed by NIST as part of the President’s Cybersecurity Executive Order (EO 13636).
According to the notice summary the inquiry is designed to support the Department of Commerce’s incentives effort in three ways:
• Analysis of the benefits and relative effectiveness of such incentive;
• Whether the incentives would require legislation or can be provided under existing law, and
• Whether the incentives could be applied to US industry as a whole.
The Department asked a similar set of questions in 2010 (75 FR 44216) and plans to incorporate the results of that request into their report to the President which will be submitted no later than June 12th, 2013. In this inquiry NIST/NTIA would like respondents to the earlier request to comment on whether or not their earlier comments are still applicable.
The notice also provides a lengthy list of questions to which it would like all interested parties to respond. Those responses may be sent to NTIA (firstname.lastname@example.org) and must be received by April 29th, 2013. The short response time is necessitated by the deadline for having a report to the President. Comments will be made available on the Internet Policy Task Force web page.