NIST calls for comments on improving cybersecurity framework

The National Institute of Standards and Technology (NIST) is seeking information to assist in evaluating and improving its cybersecurity resources — including the widely-used NIST Cybersecurity Framework (CSF) and a variety of existing and potential standards, guidelines, and other information. That includes guidance relating to improving cybersecurity in supply chains.

Evaluating and Improving the NIST Cybersecurity Framework (CSF)

NIST is seeking information about the use, adequacy, and timeliness of the CSF – and the degree to which other NIST resources (e.g., the Privacy Framework, Risk Management Framework, Secure Software Development Framework, and NICE Workforce Framework) are used in conjunction with, or instead of, the CSF. NIST also wants to better understand opportunities for greater alignment and harmonization of the CSF with other resources. This will help NIST provide even more effective support to organizations as they manage different types of cybersecurity risks.

NIST also seeks information about challenges that may prevent organizations from using the CSF or using it more easily or extensively (e.g., resource considerations, organizational factors, workforce gaps, or complexity). Ultimately, NIST wants to better understand how the CSF is being used today—along with recognizing what’s working and what could work better.

Evaluating and Improving Cybersecurity Supply Chain Risk Management

NIST is also seeking information on the challenges organizations are facing from a technology supply chain perspective to inform a public-private partnership, the National Initiative for Improving Cybersecurity in Supply Chains (NIICS). NIST requests information about needed tools and guidance and how NIICS might be aligned and integrated with the CSF. This information will help NIST to identify and prioritize supply chain-related cybersecurity needs across sectors.

NIST is also hosting an upcoming NCCoE Learning Series Fireside Chat – A Look at the Cybersecurity Framework: Where We’ve Been, Where We Are, and Where We’re Going for more information about this RFI, the evolution of the Framework, and NIST’s future plans.

Access the RFI

Related Posts

Previous Post
Mizuho taps Quantifi for equity derivatives platform
Next Post
Aioi Nissay Dowa adopts Bloomberg’s AIM to digitize asset management workflows

Fill out this field
Fill out this field
Please enter a valid email address.

X

Reset password

Create an account