Promotion of cybersecurity framework needed



Promotion of cybersecurity framework needed

In late 2015, the Government Accountability Office (GAO) released a report reviewing aspects of the cybersecurity standards and procedures developed by the National Institute for Standards and Technology (NIST) to protect U.S. critical infrastructure. The report follows up on the Cybersecurity Enhancement Act of 2014, and determines the extent to which NIST facilitated the development of voluntary cybersecurity standards and procedures. The report also notes what federal agencies promoted these standards and procedures.

During their review, GAO surveyed stakeholders from the public and private sectors who collaborated with NIST in establishing their Framework for Improving Critical Infrastructure Cybersecurity, which provides a flexible and risk-based approach for entities within the nation’s critical infrastructure sectors to protect them from cyber-based threats. However, GAO found that not all sector-specific agencies have promoted the framework in their sectors, which may hinder the adoption of the cybersecurity framework.

GAO-16-152

For more information about this report, please follow the link below.
GAO-16-152, Critical Infrastructure Protection: Measures Needed to Assess Agencies’ Promotion of the Cybersecurity Framework

Opt In Image
GET SIMONS CENTER EMAIL ALERTS
Get Simons Center News & Information Delivered to Your Inbox

Simply enter your email address below and click the subscribe button...

We 100% respect your privacy


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>