The cybersecurity framework released earlier this month by the National Institute of Standards and Technology has the potential to change federal agencies' approach to cybersecurity as well as that of the original intended audience of private sector critical infrastructure companies, said a NIST official. The framework outlines a maturity model of four tiers against which adoptees can benchmark the sophistication of their cybersecurity program.
A Commerce Department official say it's rethinking its data infrastructure with an eye to making data seamlessly consumable internally and externally across the many industry sectors encompassed by its bureaus. "Rather than a federated approach to data, the one thing that we're learning is that data has to be done at scale. The real power of data comes from integrating it," said Patrick Gallagher, acting commerce deputy secretary. He spoke Jan. 31 during a meeting of the President's Council of Advisors on Science and Technology.
The National Institute of Standards and Technology will review its cryptographic standards development process and subject it to public comment and a formal review by an independent organization, the agency announced Nov. 1. In addition, Computer Security Division Chief Donna Dodson wrote that NIST will examine its existing body of cryptographic work and the procedures used to develop them, promising to address any cases where in retrospect the agency fell short "as quickly as possible."
A slightly-delayed preliminary federal cybersecurity framework detailing cybersecurity standards meant for voluntary adoption by private sector operators of critical infrastructure that the National Institute of Standards and Technology released Tuesday still leaves unanswered questions about how adoption will be measured.
The National Institute of Standards today release a much anticipated, slightly delayed preliminary draft (.pdf) of the cybersecurity framework meant for voluntary adoption by private sector operators of critical infrastructure.
National Institute of Standards and Technology Director Patrick Gallagher again defended his agency's collaboration with the National Security Agency over cybersecurity standards development.
The chair and ranking member of the Senate Commerce, Science and Transportation Committee--Sens. Jay Rockefeller (D-W.Va.) and John Thune (R-S.D.), respectively--formally introduced a bill (S. 1353) July 25 that would codify into law the cybersecurity framework called for by President Obama in a Feb. 12 executive order. The committee will meet July 30 to vote on the bill and others.
"We need Congress to enact a suite of comprehensive cybersecurity legislation," said Homeland Security Secretary Janet Napolitano in testimony before Senate committees. The Government Accountability Office also suggests the White House cybersecurity coordinator develop an overarching strategy that integrates the executive order with existing cyber guidance.
The intersection of cloud computing and big data gives government agencies opportunities in areas such as DNA sequencing and national security, said speakers at a National Institute of Standards and Technology workshop. Federal Chief Information Officer Steven VanRoekel said that the federal government in only at the "tip of the iceberg" in its use of cloud and big data.
Whether or not members of Congress support the Obama administration's proposal for a $1 billion National Network for Manufacturing Innovation effort may depend on which side of a debate over the state of American manufacturing representatives fall, says the Congressional Research Service.Those of a view that U.S. manufacturing is in decline point to the decades-long overall decline of manufacturing jobs in the U.S. economy. At its peak, in June 1979, manufacturing employed 19.6 million Americans, 41 percent of the workforce.