Mitre has developed recommendations on refining cybersecurity regulations to secure the U.S. critical infrastructure sector in response to a request for information from the Office of the National Cyber Director.
The Center for Data-Driven Policy led a cross-analysis of the RFI’s posed questions to help the ONCD develop evidence-based, actionable plans to address obstacles to harmonizing critical infrastructure cybersecurity regulations, the non-profit research organization said Friday.
According to Mitre, refinements to existing cybersecurity regulations or new policies must not specify technical requirements or implementation details for critical infrastructure owners and operators to avoid complicating continuous regulation harmonization.
Instead, regulations or administration guidance must provide sector risk management agencies with additional direction on shifting their focus to strengthening the mechanisms needed by critical infrastructure owners and operators and the industry vendors that support them.
