Preliminary Framework to Protect Critical Infrastructure from Cyberattack Introduced

Online attacks on the nation’s critical infrastructure are one of the most serious challenges to U.S. national security. Power generation, transportation and telecommunications are the backbone of U.S. critical infrastructure, and these sophisticated systems rely on information technology, which makes them susceptible to online attacks.

In February 2013, President Obama issued Executive Order 13636—Improving Critical Infrastructure Cybersecurity, outlining steps to reduce the risk of cyberattack on power, transportation, and telecom networks.

On October 22, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework. The framework is the first step in helping critical infrastructure owners and operators reduce the risk of cyberattack. It outlines a set of steps that can be customized to various sectors and adapted by both large and small organizations while providing a consistent approach to cybersecurity. It also helps identify and prioritize opportunities for improvement within the context of risk management and to assess progress toward cybersecurity goals.

Framework Core Structure

Pictured: The framework core structure outlines the approach to assessing threats. From “Preliminary Cybersecurity Framework,” page 5.

In the near future, NIST will provide an opportunity for the public to submit comments on the framework. The Office of Advocacy will issue a Regulatory Alert when the public comment period opens. NIST plans to release the official framework in February 2014, as called for in the executive order.

Additional information about the preliminary framework is available on NIST’s website. For more information, call or email Assistant Chief Counsel Major Clark, (202) 205-7150.

—Assistant Chief Counsel Major Clark III

One Response to Preliminary Framework to Protect Critical Infrastructure from Cyberattack Introduced

  1. Donny Gamble says:

    I hope that the government comes up with a pausable solution to help stop internet security breaches as well as fraud. This could be a national threat to the security of individual’s lives.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>