The National Institute of Standards and Technology (NIST) will begin accepting comments and feedback starting on December 11 on its voluntary “Framework for Improving Critical Infrastructure Cybersecurity.”
The Request for Information includes specific inquiries regarding how it is being used, best practices and how they are shared, the possible need for updating the Framework and thoughts on the long-term management of the Framework.
“The process to develop the Framework brought together both private and public sector organizations and resulted in a document that is being used by a wide variety of organizations,” said Adam Sedgewick, NIST senior information technology policy advisor.
The Framework, created two years ago by Executive Order, consists of standards, practices and guidelines geared toward helping organizations tackle various cyber risks. It was officially released in February 2014 with input from industry, government and academic sources.
The comment period will remain open until Feb. 9, 2016.