NIST Seeks Public Comments on the Cybersecurity Framework

By Renee Dopplick, ACM Director of Public Policy
December 21, 2015

The National Institute of Standards and Technology (NIST) invites public comments on how its voluntary Cybersecurity Framework is being used, possible updates, and options for the long-term governance and management of the Framework. Comments are due by February 9.

The Framework, officially known as the “Framework for Improving Critical Infrastructure Cybersecurity,” provides standards, methodologies, procedures, and processes for managing cyber risks. NIST is particularly interested in feedback on which portions of the Framework have been useful and what steps can be taken to prevent duplication or conflicts with regulatory requirements.

Stakeholders are asked to consider whether there are updates to technical and other standards that should be incorporated in future updates and whether there are new industry initiatives that could inform any updates. NIST also welcomes feedback on the private sector’s involvement in the future governance of the Framework.