
Blog Category: Cybersecurity Framework

A Chance to Comment on Commerce’s Report on Cybersecurity Incentives


As part of the Executive Order signed by President Obama last month directing agencies to use their existing authorities and work with the private sector to better protect our nation’s power, water, and other critical systems, the Commerce Department is preparing a report on ways to incentivize companies and organizations to improve their cybersecurity. To better understand what stakeholders – such as companies, trade associations, academics and others – believe would best serve as incentives, the Department has released a series of questions to gather public comments in a Notice of Inquiry published today.

The national and economic security of the United States depends on the strength of our nation’s critical infrastructure. The cyber threat to critical infrastructure is growing, and represents one of the most serious national security challenges that the United States must confront. As the President stated in the Executive Order, “repeated cyber intrusions into America’s critical infrastructure demonstrate a need for improved cybersecurity.”

As a first step toward protecting critical infrastructure, the Executive Order tasks the Department of Homeland Security (DHS) to identify the systems that could be affected by a cybersecurity incident which could result in catastrophic regional or national effects on public health or safety, economic security, or national security. Second, the National Institute of Standards and Technology (NIST) will develop a framework consisting of a set of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks. This Cybersecurity Framework will provide a prioritized, flexible, repeatable, performance-based, and cost-effective approach to improving cybersecurity, which will help owners and operators of critical infrastructure identify, assess and manage cyber risk. Third, DHS will work with sector-specific agencies to develop the Critical Infrastructure Cybersecurity Program to promote voluntary adoption of the Framework.

The Department of Commerce's Role in Improving Critical Infrastructure Cybersecurity

Deputy Secretary Rebecca Blank at Cybersecurity announcement

Last week, President Obama signed an Executive Order to strengthen the cybersecurity of this nation’s critical infrastructure. Threats from cyber attacks that could disrupt our power, water, and other critical systems are one of the most pressing risks facing both our nation’s security and our nation’s economy in the 21st century. So, in the absence of legislation to mitigate these threats to our infrastructure, the Executive Order directs federal agencies to use their existing authorities and work with the private sector to better protect our nation’s critical systems. 

We at the Commerce Department have an important role to play when it comes to strengthening the nation’s cybersecurity. In accordance with the president’s Executive Order, Commerce’s National Institute of Standards and Technology (NIST) will be leading the development of one of the Executive Order’s principal outcomes: a voluntary Cybersecurity Framework to reduce cyber risks.