NIST work on framework update quietly proceeds amid hubbub over Trump cyber agenda

May 1, 2017

The National Institute of Standards and Technology is diligently reviewing the nearly 130 comments from industry and other groups on a draft update to the framework of cybersecurity standards, as it prepares an analysis of that input in advance of a highly anticipated public meeting this month.

That meeting will likely set the course and schedule for updating the framework, which remains a cornerstone of the government’s cybersecurity policies during the transition from an Obama to a Trump administration.

NIST has been quietly and steadfastly working on updating the framework amid the blizzard of activity surrounding the Trump administration as the president hit his 100-day mark on Saturday, which included a run-up of high-profile initiatives on issues ranging from health care to tax policy to North Korea’s nuclear ambitions – as well as a much-anticipated executive order on cybersecurity.

The NIST workshop on May 16-17 in Gaithersburg, MD, will kick off with a review of the agency’s analysis of the dozens of comments on the proposed framework update, which includes such controversial issues as the use of metrics, managing supply-chain risks, the Internet of the Things and emerging risks, and sector-specific needs for health care and energy producers among other industries….SOURCE

| Inside Cybersecurity