NIST Cyber Security Framework

Speaker: Victoria Pillitteri, NIST

Abstract:

Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure, the President under Executive Order 13636, "Improving Critical Infrastructure Cybersecurity," directed NIST to work with stakeholders to develop a voluntary framework for reducing cyber risks to critical infrastructure. The resulting Framework, issued in February 2014, consists of standards, guidelines, and best practices to help owners and operators of critical infrastructure manage cybersecurity-related risk. Since its release, NIST has engaged stakeholders to understand organizational awareness of, and experiences with, the Framework, including learning about which aspects of the Framework have been helpful or challenging, and about whether and how the Framework has been used to modify and strengthen management of cyber risks. This session will provide an overview of the Executive Order, of the Cybersecurity Framework, and of opportunities and lessons learned since the Framework's release.