Guest blog post by Patrick Gallagher, Under Secretary of Commerce for Standards and Technology and Director, National Institute of Standards and Technology
Just about everything these days—from banking to health care to the electricity powering our homes—is rooted in cyberspace. This any time, any where interconnected world unfortunately brings with it a constantly evolving set of security challenges.
That’s why President Obama directed the National Institute of Standards and Technology (NIST) to work with industry on a voluntary cybersecurity framework for better protecting the nation’s critical infrastructure.
The idea is to use existing standards, guidelines and best practices to reduce cyber risk across sectors and develop capabilities to address the full-range of quickly changing threats. The framework will provide a flexible toolkit any business or other organization can use to gauge how well prepared it is to manage cyber risks and what can be done to strengthen its defenses.
It is vital that companies understand their digital assets and accurately assess the maturity of their cyber protections so they can properly allocate resources. These needs stretch across a spectrum from maintaining awareness of existing threats to preventing, detecting, and responding to attacks to recovering from them.