Michael Daniel, cybersecurity coordinator at the White House, said agencies under the purview of the White House will continue to use current cybersecurity regulations in the operation of critical systems covering health, homeland security and environmental protection, Fierce Government IT reported Tuesday.
Zach Rausnitz writes that Obama had ordered the departments of Health and Human Services and Homeland Security and the Environmental Protection Agency to assess if the framework needs to be realigned with the National Institute of Standards and Technology‘s version.
NIST released in February its cybersecurity framework for voluntary implementation in the private sector.
Daniel said the review’s conclusion is that there is no need to do so but added the government needs to refine the text and improve coordination among offices toward building more agile and responsive capabilities.
“At this time… existing regulatory requirements, when complemented with strong voluntary partnerships, are capable of mitigating cyber risks to our critical systems and information,” Daniel wrote on the White House blog.
“Industry has demonstrated their commitment to using the voluntary cybersecurity framework. We in the federal government are equally committed to removing obstacles and stimulating positive incentives for strengthening cyber risk management across all critical infrastructure sectors,” he concluded.