February 14, 2014 (www.investorideas.com newswire) The White House,Office of the Press Secretary- The Obama Administration is announcing the launch of the Cybersecurity Framework, which is the result of a year-long private-sector led effort to develop a voluntary how-to guide for organizations in the critical infrastructure community to enhance their cybersecurity. The Framework is a key deliverable from the Executive Order on “Improving Critical Infrastructure Cybersecurity” that President Obama announced in the 2013 State of the Union.
Through the development of this Framework, industry and government are strengthening the security and resiliency of critical infrastructure in a model of public-private cooperation. Over the past year, individuals and organizations throughout the country and across the globe have provided their thoughts on the kinds of standards, best practices, and guidelines that would meaningfully improve critical infrastructure cybersecurity. The Department of Commerce's National Institute of Standards and Technology (NIST) consolidated that input into the voluntary Cybersecurity Framework that we are releasing today.
The Framework gathers existing global standards and practices to help organizations understand, communicate, and manage their cyber risks. For organizations that don't know where to start, the Framework provides a road map. For organizations with more advanced cybersecurity, the Framework offers a way to better communicate with their CEOs and with suppliers about management of cyber risks. Organizations outside the United States may also wish use the Framework to support their own cybersecurity efforts.
Each of the Framework components (the Framework Core, Profiles, and Tiers) reinforces the connection between business drivers and cybersecurity activities. The Framework also offers guidance regarding privacy and civil liberties considerations that may result from cybersecurity activities.
The Framework Core is a set of cybersecurity activities and informative references that are common across critical infrastructure sectors. The cybersecurity activities are grouped by five functions -- Identify, Protect, Detect, Respond, Recover -- that provide a high-level view of an organization's management of cyber risks.
The Profiles can help organizations align their cybersecurity activities with business requirements, risk tolerances, and resources. Companies can use the Profiles to understand their current cybersecurity state, support prioritization, and to measure progress towards a target state.
The Tiers provide a mechanism for organizations to view their approach and processes for managing cyber risk. The Tiers range from Partial (Tier 1) to Adaptive (Tier 4) and describe an increasing degree of rigor in risk management practices, the extent to which cybersecurity risk management is informed by business needs, and its integration into an organization's overall risk management practices.
Though the adoption of the Framework is voluntary, the Department of Homeland Security (DHS) has established the Critical Infrastructure Cyber Community (C3) Voluntary Program as a public-private partnership to increase awareness and use of the Cybersecurity Framework. The C3 Voluntary Program will connect companies, as well as federal, state, local, tribal, and territorial partners, to DHS and other federal government programs and resources that will assist their efforts in managing their cyber risks. Participants will be able to share lessons learned, get assistance, and learn about free tools and resources that can help them.
Federal executive branch civilian agencies are evaluating how they will use the Framework to enhance the protection of their systems, and State and local governments are also looking at how they can leverage capabilities found in the Framework to assist managing their cybersecurity risk. DHS is developing the Voluntary Program to respond to state and local government needs, and it is examining incentives tailored to these stakeholders.
Published at the Investorideas.com Newswire - Big ideas for Global Investors
Disclaimer/ Disclosure:The Investorideas.com newswire is a third party publisher of news and research as well as creates original content as a news source. Original content created by investorideas is protected by copyright laws other than syndication rights. Investorideas is a news source on Google news and Linkedintoday plus hundreds of syndication partners. Our site does not make recommendations for purchases or sale of stocks or products. Nothing on our sites should be construed as an offer or solicitation to buy or sell products or securities. All investment involves risk and possible loss of investment. This site is currently compensated by featured companies, news submissions, content marketing and online advertising. Contact each company directly for press release questions. Disclosure is posted on each release if required but otherwise the news was not compensated for and is published for the sole interest of our readers. More disclaimer info: http://www.investorideas.com/About/Disclaimer.asp
BC Residents and Investor Disclaimer : Effective September 15 2008 - all BC investors should review all OTC and Pink sheet listed companies for adherence in new disclosure filings and filing appropriate documents with Sedar. Read for more info: http://www.bcsc.bc.ca/release.aspx?id=6894. Global investors must adhere to regulations of each country.