Categories

NIST Cybersecurity Framework 1.1: A Blueprint For Compliance And Assurance

Monday, August 6, 2018


In February 2014 the U.S. National Institute of Standards in Technology (‘NIST’) published the first NIST Cybersecurity Framework, responding to an Executive Order on improving critical infrastructure cybersecurity issued by President Obama. At the end of last year, NIST released draft two of the Framework for Improving Critical Infrastructure Cybersecurity Version 1.1, which incorporates feedback received by NIST since the release of Version 1.0.

While cybersecurity has become an obsession for business and government in the past decade, we are still adrift on selecting the standards needed to build an adequate cyber protection program. Many standards bodies have released proposals, and every profession from auditors to privacy officers propose their own certifications and methods of building secure data architecture. 

And yet, no court case has firmly recognized any set of commercial data protection standards, and no regulatory entity has consistently held with a set of required behaviors, technologies, and procedures. We navigate this ocean without sextant or North Star.

THE NATIONAL LAW REVIEW, 04.20.2018

Click for more...