Infrastructure protectionNext NIST workshop on critical infrastructure cybersecurity framework: Dallas, 11 September 2013
Registration is now open for the fourth in a series of workshops to bring together representatives from government, industry, and academia to establish a voluntary Cybersecurity Framework which will help reduce risks to critical infrastructure. The workshop will be held 11-13 September 2013, at the University of Texas at Dallas, and will be the final public session before the preliminary framework is formally released later this year.
Opening panel of a recent NIST conference // Source: nist.gov
Registration is now open for the fourth in a series of workshops to bring together representatives from government, industry, and academia to establish a voluntary Cybersecurity Framework which will help reduce risks to critical infrastructure. The workshop will be held 11-13 September 2013, at the University of Texas at Dallas, and will be the final public session before the preliminary framework is formally released later this year.
A NIST release reports that Executive Order 13636, Improving Critical Infrastructure Cybersecurity, directed the National Institute of Standards and Technology (NIST) to work with stakeholders to develop a framework consisting of standards, guidelines and best practices to promote the protection of critical infrastructure. NIST will release a preliminary framework for public comment in October 2013, and the final framework in February 2014.
“The focus of the Dallas meeting will be on the first full draft that we plan to make available in August. That draft will reflect input from critical infrastructure stakeholders provided in previous workshops, and in Dallas, we want to make sure we provide a chance to get direct and extensive feedback on the draft,” said Adam Sedgewick, senior information technology policy advisor at NIST.
The Dallas workshop will be preceded by an “Executive Order primer” on Tuesday, 10 September, for participants who are new to the framework development process and to ensure that there is a good understanding of how the framework can be adopted by organizations.
NIST has released an update of the framework’s development, based on input received at the most recent workshop, held 10-12 July 2013, in San Diego, California, as well as at two prior sessions and an earlier “Request for Information.” At the July working meeting, more than 350 representatives from critical infrastructure owners and operators, industry associations, standards developing organizations, and government reviewed a draft outline of the preliminary framework and discussed structure, informative references and implementation levels. Breakout sessions covered executive engagement, awareness, privacy and small business considerations, among other topics. Videos of the plenary sessions are available on NIST’s Web site.
“We consider this a long-term process to enhance the cybersecurity of our critical infrastructure,” said Sedgewick. “NIST will continue to work with all of our stakeholders to ensure the framework is a useful tool that is consistently updated to reflect changes in technology, risks, feedback from industry and other factors.”
On 25 July 2013, Under Secretary of Commerce for Science and Technology and NIST Director Patrick Gallagher testified before the Senate Committee on Commerce, Science and Transportation to describe NIST’s collaboration with the private sector to develop the framework.
NIST says it invites all organizations and individuals to contribute to the development of the Cybersecurity Framework by contacting NIST at cyberframework@nist.gov. Key links:
- Register here for the September meeting in Dallas
- Review here materials related to the framework, including videos of previous meetings
- Get the current update on the framework development process:
- See videos of the San Diego meeting plenary sessions:
- Read Director Gallagher’s Senate testimony
