Developing a Framework To Improve Critical Infrastructure Cybersecurity
Request for Information:
Summary:
The National Institute of Standards and Technology (NIST) is conducting a comprehensive review to develop a framework to reduce cyber risks to critical infrastructure1 (the “Cybersecurity Framework” or “Framework”). The Framework will consist of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks.
1For the purposes of this RFI the term “critical infrastructure” has the meaning given the term in 42 U.S.C. 5195c(e), “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
This RFI requests information to help identify, refine, and guide the many interrelated considerations, challenges, and efforts needed to develop the Framework. In developing the Cybersecurity Framework, NIST will consult with the Secretary of Homeland Security, the National Security Agency, Sector-Specific Agencies and other interested agencies including the Office of Management and Budget, owners and operators of critical infrastructure, and other stakeholders including other relevant agencies, independent regulatory agencies, State, local, territorial and tribal governments. The Framework will be developed through an open public review and comment process that will include workshops and other opportunities to provide input.
Read the RFI and consider submitting comments (deadline 5:00 p.m. Eastern time on Monday, April 8, 2013) on how topic maps could play a role in the proposed framework.
Cybersecurity will be a “hot” property for several years so a fruitful area for marketing topic maps.*
* I commented earlier today on the possible use of topic maps with 14th century cooking texts. That is also a market for topic maps but less than a baker’s dozen of potential customers. Most of who are poor.
The cybersecurity market is much larger, has many customers who are not poor, and who are on both sides of the question. Always nice to have an arms race type market.