NIST publishes discussion of cybersecurity framework
NAFCU Senior Regulatory Affairs Counsel Tessema Tefferi
Aug. 29, 2013 – The National Institute of Standards and Technology has published a draft discussion of its proposed cybersecurity framework, which will be released for public comment in October.
NIST’s draft discussion comes before the fourth workshop in a series that aims to bring together representatives from government, industry and academic sectors to collaborate on a voluntary cybersecurity framework. The fourth workshop is scheduled for Sept. 11-13 at the University of Texas at Dallas – it will be the last workshop before the preliminary framework is released in October.
The framework is meant to help reduce risks to critical infrastructure. The final framework is scheduled to be released in February of 2014, at which point NAFCU will seek input from its members and submit comments to NIST.
On Tuesday, NAFCU participated in a meeting with representatives from the Financial Services Sector Coordinating Council for Critical Infrastructure Protection, of which NAFCU is a member, and NIST, including NIST Director Patrick Gallagher. The meeting, attended by Tessema Tefferi, NAFCU senior regulatory affairs counsel, addressed developments related to cybersecurity. The group also discussed the importance of coordination between the public and private sectors and between regulatory entities.
In April, NAFCU submitted a comment letter to NIST on its initial notice of inquiry regarding the framework. NAFCU supported the initiative as it is voluntary, but urged NIST to not take a one-size-fits-all approach as it develops the framework.
NIST draft discussion