Promotion of cybersecurity framework needed

In late 2015, the Government Accountability Office (GAO) released a report reviewing aspects of the cybersecurity standards and procedures developed by the National Institute for Standards and Technology (NIST) to protect U.S. critical infrastructure. The report follows up on the Cybersecurity Enhancement Act of 2014, and determines the extent to which NIST facilitated the development of voluntary cybersecurity standards and procedures. The report also notes what federal agencies promoted these standards and procedures.

During their review, GAO surveyed stakeholders from the public and private sectors who collaborated with NIST in establishing their Framework for Improving Critical Infrastructure Cybersecurity, which provides a flexible and risk-based approach for entities within the nation’s critical infrastructure sectors to protect them from cyber-based threats. However, GAO found that not all sector-specific agencies have promoted the framework in their sectors, which may hinder the adoption of the cybersecurity framework.

GAO-16-152

For more information about this report, please follow the link below.
GAO-16-152, Critical Infrastructure Protection: Measures Needed to Assess Agencies’ Promotion of the Cybersecurity Framework

Posted: January 26, 2016 by

READ THE LATEST UPDATES FROM THE SIMONS CENTER

History of North Korea topic of latest ARNSF

Distinguished Speaker Series explores roots of the conflict in Gaza

Call for Papers - InterAgency Journal (Deadline Extended to Apr. 12, 2024)

  • "*" indicates required fields

    SUBSCRIBE TO THE NEWSLETTER

    Sign up to receive updates by email. We do not sell or share your info.

    This field is for validation purposes and should be left unchanged.