Search the Community
Showing results for tags 'RFI'.
Found 2 results
NIST has announced a new Request for Information (RFI). The RFI is expected to be released today (12/11/2015) to seek information from industry on the ways in which the Framework is being used; how best practices are being shared; the value of the different parts of the Framework; whether or not an update is needed; and the long-term management of the Framework. Responses are due on February 9, 2016. NIST will use the information received from the RFI to develop the agenda for the next Framework workshop planned for April 6 & 7 in Gaithersburg, MD. The RFI is available at: https://www.federalregister.gov/articles/2015/12/11/2015-31217/views-on-the-framework-for-improving-critical-infrastructure-cybersecurity
On Dec 5, 2014, NIST released an "Update on the Cybersecurity Framework". The full update is available at http://www.nist.gov/cyberframework/upload/nist-cybersecurity-framework-update-120514.pdf. The update provides a high-level summary of comments received through the Request For Information (RFI) released on Aug 26, 2014 and during the Tampa, FL workshop held Oct 29 & 30, 2014. The update in eight pages summarizes responses received on topics such as: How General Awareness of the Framework is being shared and received, Initial Experiences organizations have in using the Framework, Current thoughts on Framework Updates, The use of the Framework in Small/Medium-Sized Businesses, Regulation and Regulatory Concerns, Guidance for using the Framework, and International Aspects, Impacts, and Alignment of the Framework. The update also provided a summary on activities identified in the Framework Roadmap that NIST released in conjunction to the Framework. The update provides status updates on specific Roadmap areas including: Authentication Automated Indicator Sharing Supply Chain and Conformity Assessment Cybersecurity Workforce Standards Supporting the Framework Privacy Methodologies Finally, the update provides an overview of Next Steps NIST is considering to help address comments received during the workshop and RFI process. The first key next step is for NIST to continue increasing efforts to raise awareness of the Framework. Another NIST priority identified in the update was to develop and disseminate information and training materials to help organization use advance the use of the Framework. In addition to the training material NIST will explore options for providing publically-available Framework reference material. NIST also identified a goal for developing material on aligning the Framework to business processes.