Executive Order 13636, Improving Critical Infrastructure Cybersecurity, directed NIST to work with stakeholders to develop a voluntary framework for reducing cyber risks to critical infrastructure. Version 1.0 of the Cybersecurity Framework, released on February 12, 2014, was developed in an open manner with input from stakeholders in industry, academia, and government, including a public review and comment process, workshops, and other means of engagement.
In the time since the Framework's publication, NIST's primary goals have been to raise awareness of the Framework and encourage its use as a tool to help industry sectors and organizations manage cybersecurity risks.
In addition to highlighting a variety of Framework use, the purpose of this workshop is to gather input to help NIST understand stakeholder awareness and current use of the Framework, the need for an update to the Framework, cybersecurity best practices sharing, as well as the future governance of the Framework. Responses to the 11 December 2015 Request for Information (RFI), Views on the Framework for Improving Critical Infrastructure Cybersecurity, will inform the workshop agenda.
The workshop will offer an optional seminar on April 5 that will provide an overview of the Framework's development, basic components, use cases, and resources to support further learning. Those new to Framework should consider attending the seminar presentation and question-answer session. If you would like to attend, please use the registration link above.