The National Institutes of Standards and Technology has released the first version of its a Framework for Improving Critical Infrastructure Cybersecurity, meant to help organizations charged with providing the nation’s financial, energy, health care and other critical systems better protect their information and physical assets from cyber attack.
The Framework comes out of an executive order issued in February 2013, calling for a voluntary set of standards, guidelines and practices to help organizations manage cyber risks. According to NIST, organizations can use the framework to determine their current level of cybersecurity, set goals for cybersecurity that are in sync with their business environment, and establish a plan for improving or maintaining their cybersecurity.
DHS has also announced the launch of public-private partnership to strengthen cybersecurity with critical infrastructure such as power grids and pipelines. The Critical Infrastructure Cyber Community – “C cubed” – program, is designed to help align critical infrastructure owners and operators with existing resources that will assist their efforts to adopt the cybersecurity framework.