There has been a lot of focus in the press (even Dale
Peterson got into discussing it on DigitalBond)
about the White House announcement earlier this week about the incentives that
are being considered by the Administration to encourage high-risk critical
infrastructure organizations to implement the Cybersecurity Framework (which is
still under development).
Most of those folks have been concentrating on the blog
post from Michael Daniel, Special Assistant to the President and
Cybersecurity Coordinator, over at the WhiteHouse.gov (and reposted
at the DHS Blog site).
The decision making process is far from over on what
incentives will actually be proposed (many will have to go to Congress for
implementation) especially since the Framework still has so far to go (the next
Workshop is going to be working on the next to final draft of the preliminary
version of the Framework that will be published in October). What the
Administration presented this week was the initial analysis of what incentives
could be considered and a look at the strong and weak points of each of the
major contenders.
The meat of the proposal was linked to in Michael’s blog
post, but the links were not real obvious, and there were multiple links to go
through in some cases to get to the actual information. So here is a full
listing of the links to the documents that the President’s staff will be
considering in developing the President’s plan to move the Cybersecurity
Framework into full implementation.
• NTIA
Summary Report; and
Michael does a pretty good job summarizing the data. He
breaks the incentives down into eight general categories:
• Cybersecurity Insurance;
• Grants;
• Liability Limitation;
• Streamline Regulations;
• Public Recognition;
• Rate Recovery for Price Regulated
Industries;
• Cybersecurity Research.
I’ll take a little bit closer look at each of these in the
coming weeks.
Posts
No comments:
Post a Comment