Today the National Institute of Standards and Technology
published a request for information in the Federal Register (79 FR
50891-50894) concerning information about organizational experiences with
the implementation of the Framework for Improving Critical Infrastructure
Cybersecurity that was published
in February.
Responses to this RFI will help NIST develop tools and
resources to help organizations to use the Framework more effectively and
efficiently. The information will also be shared with DHS to aid in the
implementation of the Critical Infrastructure Cyber Community (C3)
Voluntary Program that the Administration developed to encourage organizations
to implement the Framework. Finally, the information will help NIST to
establish the agenda details of the upcoming Framework
review workshop in October 2014.
The RFI is looking for specific information in three broad
categories. Within each of those areas NIST proposes a series of questions that
it would like to have answered by critical infrastructure organizations,
standards setting organizations, and governmental agencies at all levels
concerned with cybersecurity issues. Those three categories are:
As we came to expect during the development of the
Framework, NIST is not using the Federal eRulemaking Portal for their
information collection process. Responses will be sent directly to NIST and may
be submitted by email (cyberframework@nist.gov).
Responses should be sent by October 10th, 2014. Responses will
be published on the NIST Framework web site.
Posts
No comments:
Post a Comment