As I
mentioned earlier this week, today the National Institute of Standards and
Technology published a notice in the Federal Register (81 FR
7506) announcing the extension of the comment period on their request for
information (RFI) on updating the Cybersecurity Framework. The comment period
is extended until February 23rd, 2016.
It does not appear that there were any specific requests for
extension of the comment period. The notice only mentions that
the comment period coincides with “a timeframe in which a variety of
cybersecurity events are scheduled to occur”. While a number of cybersecurity
professionals do attend many of these events, I really doubt that that is the
reason for the very
poor comment rate that we have seen to date.
I would like to mention again that NIST has adopted the use
of a spread
sheet format for submission of comments. Since I also do my own personal
reviews of these comments (as my readers are certainly aware) I can attest to
the fact that it is much easier to compile comments from this spread sheet
format. If you have to include a long expository comment showing your erudition
and mastery of the subject matter, please at least take the time to put a brief
answer to the questions into the NIST response form. I know that I will only
give a cursory scan to your exposition and concentrate on the concise answers
in the form.
No comments:
Post a Comment