Jump to Main Content

National Institute of Standards and Technology- Final Cybersecurity Framework

On February 12, 2014, the National Institute of Standards and Technology (NIST) published the Final Cybersecurity Framework. According to NIST, “the framework allows organizations—regardless of size, degree of cyber risk or cybersecurity sophistication—to apply the principles and best practices of risk management to improve the security and resilience of critical infrastructure.”

In February 2013, President Obama issued Executive Order 13636: Improving Critical Infrastructure Cybersecurity. The order calls for the development of a voluntary, risk-based Cybersecurity Framework—a set of existing standards, guidelines and practices to help organizations manage cyber risks. The resulting framework, created through public-private collaboration, provides a common language to address and manage cyber risk in a cost-effective way based on business needs, without placing additional regulatory requirements on businesses.


Thursday, March 20, 2014