ITL Bulletin: NIST to Develop a Cybersecurity Framework to Protect Critical Infrastructure (March 2013) [open pdf - 386KB]
Alternate Title: NIST to Develop a Cybersecurity Framework to Protect Critical Infrastructure (March 2013)
"The reliability and trustworthiness of our nation's critical infrastructure is vital to the economic and national security of the United States. Under Executive Order 13636, 'Improving Critical Infrastructure Cybersecurity,' the President has directed National Institute for Standards and Technology (NIST) to develop a voluntary framework for reducing cyber risks to our nation's critical infrastructure. The Cybersecurity Framework will consist of standards, methodologies, and procedures that promote the protection of information systems supporting crucial infrastructure operations. It will promote the wide adoption of best practices to increase cybersecurity across all sectors and industry types. The flexible and cost-effective approach of the Framework will assist owners and operators of critical infrastructure in managing cybersecurity risk while ensuring business confidentiality and individual privacy. Working with stakeholders in government, industry, and academia, NIST's Information Technology Laboratory has initiated the development of the Framework by conducting a comprehensive review of the current cybersecurity landscape through a Request for Information (RFI). Published in the 'Federal Register' of February 26, 2013, the RFI requests information to identify, refine, and guide the many interrelated challenges and efforts needed to draft the Framework. As always, NIST will engage with and seek input from stakeholders through an open public review and comment process, workshops, and other means of engagement."
National Institute of Standards and Technology: http://www.nist.gov/