NIST RFI on Cybersecurity Framework
The National Institute of Standards and Technology (NIST) is seeking information on how it might update and improve its February 2014 ‘‘Framework for Improving Critical Infrastructure Cybersecurity.” The Framework consists of voluntary standards, guidelines, and practices intended to help organizations manage cybersecurity risks. In a Request for Information (RFI) issued on December 11, 2015, NIST requests information about “the variety of ways in which the Framework is being used and the relative value of different parts of the Framework, the possible need for an update of the Framework, how best practices for using the Framework are being shared and might be enhanced, and the long-term governance of Framework.” Comments are due February 9, 2016.
