The National Institute of Standards and Technology (NIST) has released a draft outline of the Cybersecurity Framework for Critical Infrastructure.
On July 2, 2013, the National Institute of Standards and Technology (NIST) released a draft outline of the Cybersecurity Framework for Critical Infrastructure. The outline reflects comments received after a February 2013 request for information, several workshops and other forms of stakeholder input. The framework will include:
A section for senior executives on how to use the framework to evaluate preparedness for cybersecurity-related impacts on their assets and on their ability to deliver products and services.
A user guide to help organizations understand how to apply the framework.
The core structure, including an organization's five major cybersecurity functions: "Know, Prevent, Detect, Respond, Recover".
A compendium of informative references, existing standards, guidelines and practices to aid in implementation.
Interested parties may submit comments before or during the next workshop on July 10-12, 2013 in San Diego, CA.