Organizations looking for details on reducing cybersecurity risks can now view a draft update to the "Framework for Improving Critical Infrastructure Cybersecurity" from the National Institute of Standards and Technology (a.k.a. NIST's Cybersecurity Framework).

First published in February 2014, the Cybersecurity Framework offers voluntary guidance for those managing the cybersecurity of critical infrastructure such as bridges, the electric power grid, etc. 

Feedback on the first draft was received from industry, academia and government agencies. Comments integrated in the 2017 draft include new details on managing cyber supply chain risks, plus clarification of key terms (particularly in regards to accounting for authentication, authorization and identity proofing) and an introduction of measurement methods for cybersecurity.

NIST says that the refinements and enhancements to the Cybersecurity Framework can be implemented with minimal or no disruption.

The deadline to send comments on version 1.1 is April 10, 2017. Feedback can be directed to

In Other News
Closing the federal remote work gap
John Greenstein of Bluescape outlines the steps federal leaders can take to create a more equitable environment in the age of hybrid workplaces.
Is Easter a federal holiday?
Traditionally, the president observes the date with an annual Easter egg roll for children on the White House lawn.
Load More