An Interest In:
Web News this Week
- April 24, 2024
- April 23, 2024
- April 22, 2024
- April 21, 2024
- April 20, 2024
- April 19, 2024
- April 18, 2024
Some of Our Sources
- Slashdot
- Vandelay Design
- Inspiredology
- FanExtra - PSD
- CSS Globe
- Line 25
- Web Resource Source
- Codrops
- Daily Now
- Hashedout
Help Webnuz
Referal links:
December 10, 2017 04:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/yFrnbQkHOJ4/touting-governmentindustry-partnership-on-security-practices-nist-drafts-cybersecurity-fra
Touting Government/Industry 'Partnership' on Security Practices, NIST Drafts Cybersecurity Framework Update
Remember NIST, the non-regulatory agency of the U.S. Department of Commerce? Their mission expanded over the years to protecting businesses from cyberthreats, including a "Cybersecurty Framework" first published in 2014. "The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation's critical infrastructure, such as bridges and the electric power grid," NIST wrote in January, "but the framework has been widely adopted by many types of organizations across the country and around the world." Now SC Media reports:The second draft of the update to the National Institute of Standards and Technology's cybersecurity framework, NIST 1.1, is meant "to clarify, refine, and enhance the Cybersecurity Framework, amplifying its value and making it easier to use," according to NIST. Specifically, it brings clarity to cybersecurity measurement language and tackles improving security of the supply chain. Calling the initial NIST CSF "a landmark effort" that delivered "important benefits, such as providing common language for different models" of standards and best practices already in use, Larry Clinton, president and CEO of the Internet Security Alliance, said "it fell short of some of the most critical demands of Presidential Executive Order 13636, which generated its development... "To begin with, the new draft makes it clear that our goal is not some undefined metric for use of the Framework, but for effective use of the Framework. Moreover, this use-metric needs to be tied not to some generic standard, but to be calibrated to the unique threat picture, risk appetite and business objective of a particular organization"... Clinton praised the process used by NIST as "a model 'use case' for how government needs to engage with its industry partners to address the cybersecurity issue." The internet's inherent interconnectedness makes it impossible for sustainable security to be achieved through anything other than true partnership, he contended. Slashdot reader Presto Vivace reminds you that public comments on the draft Framework and Roadmap are due to NIST by 11:59 p.m. EST on January 19, 2018. "If you have an opinion about this, NOW is the time to express it."Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/yFrnbQkHOJ4/touting-governmentindustry-partnership-on-security-practices-nist-drafts-cybersecurity-fra
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot