While most of the cybersecurity community was focused over
at the NIST web site
today to see the official roll-out (on time I reluctantly add) of the
Cybersecurity Framework, there was an equally important set of cybersecurity
information being rolled out over on the DHS web site. DHS is, after all, is
going to be the federal agency responsible for ‘overseeing’ the implementation
of the Cybersecurity Framework.
The Blog
It started off this afternoon with a
blog post by Suzanne Spaulding, the Acting Under Secretary for the National
Protection and Programs Directorate. In that post she recapped the evolution of
the Cybersecurity Framework under the auspices of NIST and announced the DHS
supporting program the C3 Voluntary Program.
The three C’s of C3 represent actions to be taken
by DHS to support industry in increasing cyber resilience, to increase awareness
and use adoption of the Cybersecurity Framework, and encourage organizations to
manage cybersecurity as part of an all hazards approach to enterprise risk
management. They stand for:
• Converging critical infrastructure community resources;
• Connecting critical infrastructure stakeholders; and
• Coordinating critical infrastructure cross sector efforts
C3
Voluntary Program
This new DHS effort is outlined in a new web site under the auspices of
US-CERT. This site is intended to be an information resource for the
cybersecurity community. The landing page provides a brief overview of the
program and links to the other pages on the site. They include:
There is a lot of information on these six pages, and I
expect that more will be coming. Over the next couple of days, I will be
looking at some of that information in more detail.
Posts
No comments:
Post a Comment