Now that the cybersecurity framework is out, the National Institute of Standards and Technology says a next step will be to map the alignment of its remaining library of cybersecurity guidance documents to practices called for in the voluntary guidance document.
Although the National Institute of Standards and Technology backed down from including a dedicated privacy appendix in the newly released critical infrastructure cybersecurity framework, it hasn't given up on the prospect of including privacy controls in future iterations of the framework. In the final version of the framework released Feb. 12 – final only in the sense that it's version 1.0 of what NIST says will be a "living document" – NIST removed an appendix containing privacy controls included in earlier drafts.
The House Homeland Security Committee approved by unanimous voice vote a cybersecurity bill that would codify the Homeland Security Department's role in federal cybersecurity and require it to work with the private sector on securing critical infrastructure.
The National Institute of Standards and Technology sees testing as critical to the formation of an identity ecosystem, as called for in the National Strategy for Trusted Identities in Cyberspace. On Jan. 16, NIST formally announced (.pdf) a federal funding opportunity for a third round of NSTIC pilots.
Funding for the National Institute of Standards and Technology this fiscal year under the omnibus federal funding bill signed into law by President Obama Jan. 17 will be better than in recent years past. The compromise funding bill (H.R. 3547) appropriates $850 million for NIST – not as much as the Commerce Department bureau's $928.3 million request, but $41 million above the enacted fiscal 2013 level, and well more than the $782.4 million it received in fiscal 2012.
The final draft of the critical infrastructure cybersecurity framework under development by the National Institute of Standards and Technology for nearly a year will not include a separate appendix for privacy controls. In the place of a dedicated privacy appendix, NIST will incorporate an alternative methodology first developed (.pdf) by Hogan Lovells partner Harriet Pearson.
A House Homeland Security subcommittee approved by unchallenged voice vote a critical infrastructure cybersecurity bill, adding in the process several amendments – one of which could generate opposition to an otherwise bipartisan bill.
Comments from critics of the National Institute of Standards and Technology's decision to establish a new federally funded research and development center focused on cybersecurity haven't deterred it from going forward, shows a Jan. 10 notice from NIST in the Federal Register.
Warning messages presented when users access a computer system to caution against tresspassing decrease the duration of tresspassing incidents, according to a study in the journal Criminology. However, the messages did not prevent the incidents from occuring.
A revised National Infrastructure Protection Plan issued by the Homeland Security Department in late December places greater emphasis on security and resilience than its predecessor from 2009.