Is Anybody Out There Using the Cybersecurity Framework? Please Tell NIST!!


Anybody have an opinion on the NIST’s new, improved ways of beefing up cybersecurity?

The National Institute of Standards and Technology is seeking feedback on how its “Framework for Improving Critical Infrastructure Cybersecurity” is being used.

Developed in response to a February 2013 executive order, the framework consists of standards and processes “that align policy, business, and technological approaches to address cyber risks.” After a year-long open process, the framework was released Feb. 12, 2014. 

In the request for information, NIST is asking specific questions about:


  • how the framework is being used to improve cybersecurity risk management;
  • how best practices are being shared;
  • the relative value of the various parts of the framework;
  • the need for an update; and
  • options for long-term management of the framework.


Comments on the framework are due by Feb. 9, 2016.

In addition to looking for ways to improve cybersecurity, researchers at NIST are constantly working on other cool stuff. For example, NIST recently announced that it is trying to develop contactless fingerprint technology and also awarded $30,000 to the winner of an application development contest.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.