Cybersecurity

NIST opens latest cyber framework draft for public comment

keyhole digital

The National Institute of Standards and Technology on Oct. 29 officially launched the public comment period for feedback on the most recent iteration of its proposed cybersecurity framework.

The Federal Register request for comments formally opens a 45-day period for the public to weigh in on the latest draft framework, released Oct. 22. The comment period will close Dec. 13.

The request for comment is the latest in a series of engagements with the general public, including private sector companies, operators of critical infrastructure, public sector employees and members of academia, among others.

The broad involvement in the framework's development has help lay the groundwork for the guidelines, with a final version due in February 2014 under requirements from President Barack Obama's February executive order addressing cybersecurity. NIST officials have held a series of workshops across the country throughout the year, with a final event slated for Nov. 14-15 in Raleigh, N.C.

"We knew it was essential to have early and substantive involvement" of the public, NIST Director Patrick Gallagher told reporters on Oct. 22. "As part of this effort more than 3,000 people have participated in the development, either through workshops, webinars, comments on drafts – this participation is absolutely essential."

The latest draft, and perhaps some of the feedback to date, will be up for discussion at the next workshop, as will be options for an industry-led governance structure for the framework, Gallagher said. It is likely that questions about how to measure compliance, privacy and civil liberties, and how to maintain the framework as a flexible document, even past February, also will be on the table in Raleigh.

"This is not going to be in a fully mature state when it's released in February," Gallagher said. "The framework must be a living document [and] allow for continuous improvement and technology and threats change and as business mature. It must evolve to meet business needs in real time."

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected