NIST’s Draft Cybersecurity Framework Update Covers Cyber Supply Chain Risk Mgmt

1 min read

The National Institute of Standards and Technology has released its proposed update to the Cybersecurity Framework in an effort to provide new information on cyber supply chain risk management and introduce measurement processes for cybersecurity.

The 2017 Draft Framework for Improving Critical Infrastructure Security Version 1.1 also includes clarification on the definition of the terms “identity proofing,” “authorization” and “authentication” under the updated “identity management and access control” category, NIST said Tuesday.

Matt Barrett, NIST’s program manager for the Cybersecurity Framework, said the update seeks to facilitate the use of the framework, which he said will remain “voluntary and flexible to adaptation.”

NIST noted the draft update incorporates input from Cybersecurity Framework Workshop 2016 attendees and feedback from a request for information issued in 2015 as well as comments received since NIST published the framework’s version 1 in 2014.

NIST will accept comments to the draft update to the framework through April 10.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Government Technology

Leave a Reply

Your email address will not be published.

Become a Registered Reader
Register to enjoy unlimited access to articles, interviews, and invaluable govcon content. You'll also receive our daily briefing straight to your inbox.

This will close in 0 seconds