25 May 2017

NIST releases cybersecurity framework guidance in support of cyber EO

by Tony Ware

New draft guidance from the National Institute of Standards and Technology has been released to offer federal agencies best practices in support of President Trump’s May 11 executive order on strengthening cybersecurity. 

NIST Interagency Report 8179, “The Cybersecurity Framework: Implementation Guidance for Federal Agencies,” outlines ways agencies can comply with the new mandate stating they must implement a NIST-developed framework for securing federal networks and critical infrastructure. 

The NIST document can assist agencies in vetting vendors and aligning cybersecurity practices to the acquisition process; managing cybersecurity requirements and assigning responsibilities throughout an organization; and assessing how well the agency is complying with the Federal Information Security Management Act, among other data protection laws and needs.

NIST is looking for agencies to give feedback on their implementation of the guidance. Feedback will be collected at the Federal Computer Security Managers’ Forum Annual Offsite Meeting, held June 20 and 21 at NIST’s Gaithersburg, Md., campus, and public comment will be accepted until June 30.

No comments: