The Naval Postgraduate School & The U.S. Department of Homeland Security

NISTs New 'Framework' for Cybersecurity

Cybersecurity is an important subject, especially when it comes to the U.S. government. We are becoming a more "connected" society, and with a constant connection there are constant risks. The threats on our critical infrastructure places the Nation's, "security, economy, public safety and health at risk." On February 12, 2014, The National Institute of Standards and Technology (a.k.a NIST) released its first version of Framework for Improving Critical Infrastructure Cybersecurity. This report references the standards and guidelines while promoting "the protection of critical infrastructure."  These approaches aid in the process of managing cybersecurity-related problems.

In relation to NIST's book, the White House, Office of the Press Secretary, had a background briefing regarding the launch of the Cybersecurity Framework and how it is a document that acts as a "roadmap" which illustrates a "common-sense conversation about how to protect these critical assets."

The President has also issued Executive Order 13636, "Improving Critical Infrastructure Cybersecurity," stating that, "[i]t is the Policy of the United States to enhance the security and resilience of the Nation's critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties."

The new Framework is not promoting itself as a "one-size-fits-all approach" to manage risks; everybody has different vulnerabilities and unique risks. The NIST Framework is specifically targeted toward, "reducing and better managing cybersecurity risks."

This link will provide a list documents pertaining to Cybersecurity. Note: HSDL login may be required to access certain documents.