The Small Business Watchdog

As the voice of small business in government, Advocacy invites you to post your thoughts on this moderated blog, provided as a forum for the small business community.

The Small Business Watchdog header image 2

Preliminary Framework to Protect Critical Infrastructure from Cyberattack Introduced

October 25th, 2013 · 1 Comment

Online attacks on the nation’s critical infrastructure are one of the most serious challenges to U.S. national security. Power generation, transportation and telecommunications are the backbone of U.S. critical infrastructure, and these sophisticated systems rely on information technology, which makes them susceptible to online attacks.

In February 2013, President Obama issued Executive Order 13636—Improving Critical Infrastructure Cybersecurity, outlining steps to reduce the risk of cyberattack on power, transportation, and telecom networks.

On October 22, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework. The framework is the first step in helping critical infrastructure owners and operators reduce the risk of cyberattack. It outlines a set of steps that can be customized to various sectors and adapted by both large and small organizations while providing a consistent approach to cybersecurity. It also helps identify and prioritize opportunities for improvement within the context of risk management and to assess progress toward cybersecurity goals.

Framework Core Structure

Pictured: The framework core structure outlines the approach to assessing threats. From “Preliminary Cybersecurity Framework,” page 5.

In the near future, NIST will provide an opportunity for the public to submit comments on the framework. The Office of Advocacy will issue a Regulatory Alert when the public comment period opens. NIST plans to release the official framework in February 2014, as called for in the executive order.

Additional information about the preliminary framework is available on NIST’s website. For more information, call or email Assistant Chief Counsel Major Clark, (202) 205-7150.

—Assistant Chief Counsel Major Clark III

Tags: Regulatory Policy

1 response so far ↓

  • 1 Donny Gamble // Oct 26, 2013 at 6:01 pm

    I hope that the government comes up with a pausable solution to help stop internet security breaches as well as fraud. This could be a national threat to the security of individual’s lives.