Oct. 29 -- President Barack Obama met with U.S. business leaders Oct. 29 to discuss efforts to implement a private sector cybersecurity framework, according to the White House.
Meanwhile, the Department of Commerce's National Institute of Standards and Technology Oct. 29 published a notice officially opening the public comment period on its previously released cybersecrurity framework (78 Fed. Reg. 64,478, 10/29/13).
Public comments are due by Dec. 13.
“The companies that met with the president were among those that worked most closely on the framework, and this meeting is part of the administration's ongoing dialogue with the private sector on cybersecurity,” Jay Carney, White House press secretary, told reporters during his daily briefing.
The meeting was attended by chief executive officers from the information technology, financial services and energy sectors, according to a statement issued by the White House.
Industry participants, including the CEOs of Bank of America Corp., MasterCard Inc., Intel Corp. and Pepco Holdings Inc., expressed appreciation for the way the framework was developed in partnership with the private sector and support for the process moving forward, the White House said.
Both the companies and the government officials expressed a “strong desire” for Congress to pass legislation that would improve cyberthreat information sharing, while protecting privacy and civil liberties, according to the statement.
The House has passed such an information sharing bill, the Cyber Intelligence Sharing and Protection Act (CISPA) (H.R. 624) (12 PVLR 671, 4/22/13), but the Senate has not acted on the measure.
Obama issued a cybersecurity executive order in February (12 PVLR 257, 2/18/13) after Congress failed to reach agreement on cybersecurity in 2012 (11 PVLR 1680, 11/19/12).
“We hope today's meeting will help pave the way for action on these needed changes,” Financial Services Roundtable Chief Executive Officer Tim Pawlenty said in a statement.
“The President's Executive Order on cyber security was helpful and the House of Representatives passed needed legislation on this topic. We urge the Senate to make this issue a top priority and pass similar legislation.”
Pawlenty repeated his call for the Senate to pass H.R. 624 the next day at a Bloomberg Government cybersecurity conference (see related report).
NIST unveiled its draft cybersecurity framework Oct. 22 consisting of voluntary best practices for the private sector (12 PVLR 1826, 10/28/13). The framework outlines a set of cybersecurity steps that can be customized to various sectors and adapted by both large and small organizations, NIST said at the time.
NIST said in the notice that public comments are expected to help in producing a final framework by February 2014, as required under Obama's executive order.
As part of the White House's cybersecurity initiative, the Department of Homeland Security must coordinate the development of a program with incentives to promote the NIST framework.
In addition, regulatory agencies have been directed to review any existing cybersecurity mandates and determine whether they are still adequate.
Cybersecurity activities are organized in the framework into five main functions: identify, protect, detect, respond and recover.
While primarily designed for critical infrastructure entities--such as power plants and water systems--and their partners, the framework can be applied to organizations across the private sector that are facing mounting cyberthreats, according to NIST.
To contact the reporter on this story: Alexei Alexis in Washington at email@example.com
To contact the editor responsible for this story: Heather Rothman at firstname.lastname@example.org
NIST's The draft cybersecurity framework is available at http://www.nist.gov/itl/upload/preliminary-cybersecurity-framework.pdf.
NIST's notice calling for public comment on the framework is available at http://www.gpo.gov/fdsys/pkg/FR-2013-10-29/pdf/2013-25566.pdf.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to email@example.com.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).