now browsing by tag
Posted by: | on March 17, 2018
One of the biggest obstacles to securing the nation’s critical infrastructure components, as well as to securing enterprise environments, is poor coordination.
Whether it’s the lack of a common vocabulary, a lack of agreement about best practices and recommended methodologies, or simply seeing security through different lenses, it’s clear that without a common playbook from which to collaborate, the public and private sectors both struggle to work create truly effective security strategies.
It’s against that backdrop that the National Institute of Standards and Technology is preparing to release an updated version of its Cybersecurity Framework, with an eye on making the framework easier to understand and adopt. NIST is currently reviewing public comments on the draft update (the comment period ended in January), and is expecting to release the new framework later this year.
The Cybersecurity Framework, which was first mandated by the Cybersecurity Enhancement Act of 2014, was born from an executive order issued by Barack Obama in 2013. Originally conceived as a way to get private sector entities charged with protecting critical infrastructure components such as roads, bridges and the power grid on the same page, the Cybersecurity Framework has subsequently been adopted by industries and organizations of all types and sizes.
View full post on National Cyber Security Ventures