US govt releases cyber-security framework for critical infrastructure

Security

by CBR Staff Writer| 14 February 2014

Defending power grids, water systems and financial networks against cyber-attacks.

The US government Commerce Department's National Institute of Standards and Technology (NIST) has released the final version of its 'cybersecurity framework' in a bid to better help banking, defence, utilities and other industries in countrywide to protect against cyber attacks.

Originating from an executive order issued by President Barack Obama last year, the latest 'Framework for Improving Critical Infrastructure Cybersecurity' enables the government to direct an information-sharing network, though its stops short of making it compulsory for companies to make disclosure of cyber threats mandatory.

The new cybersecurity framework incorporates ample amount of industry input to prepare guidelines for 16 different sectors including food and agriculture, energy and transportation systems.

Obama said in a statement that although the latest Framework marks a turning point, it's clear that much more work needs to be done to enhance cybersecurity.

"I again urge Congress to move forward on cybersecurity legislation that both protects our nation and our privacy and civil liberties," Obama added.

"Meanwhile, my Administration will continue to take action, under existing authorities, to protect our nation from this threat."

The overall goal of the programme is to defend the so-called critical infrastructure including power grids, water systems and financial networks against cyberattacks.

Built around five broad categories including identify; protect; detect; respond; and recover, the current framework excludes tax breaks or other financial incentives, which could boost the industry to take up the framework.

US Under Secretary of Commerce for Standards and Technology, NIST Director Patrick Gallagher said that the framework provides a consensus description of what's needed for a comprehensive cybersecurity programme.

"It reflects the efforts of a broad range of industries that see the value of and need for improving cybersecurity and lowering risk," Gallagher said.

"It will help companies prove to themselves and their stakeholders that good cybersecurity is good business."

Cyber-security has been a major issue faced by the US, which in-turn pose a national security threat.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

716 people like this.
1528 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.