The National Institute of Standards and Technology is diligently reviewing the nearly 130 comments from industry and other groups on a draft update to the framework of cybersecurity standards, as it prepares an analysis of that input in advance of a highly anticipated public meeting this month.
That meeting will likely set the course and schedule for updating the framework, which remains a cornerstone of the government’s cybersecurity policies during the transition from an Obama to a Trump administration.
NIST has been quietly and steadfastly working on updating the framework amid the blizzard of activity surrounding the Trump administration as the president hit his 100-day mark on Saturday, which included a run-up of high-profile initiatives on issues ranging from health care to tax policy to North Korea’s nuclear ambitions – as well as a much-anticipated executive order on cybersecurity.
The NIST workshop on May 16-17 in Gaithersburg, MD, will kick off with a review of the agency’s analysis of the dozens of comments on the proposed framework update, which includes such controversial issues as the use of metrics, managing supply-chain risks, the Internet of the Things and emerging risks, and sector-specific needs for health care and energy producers among other industries….SOURCE