NIST Framework for Improving Critical Infrastructure Cybersecurity
The Framework for Improving Critical Infrastructure Cybersecurity (“The Framework”) provides a prioritized, flexible, repeatable, performance-based, and cost-effective approach to managing cybersecurity risk at all levels in an organization. It is applicable to organizations of all sizes and sectors.
The Framework provides a common language for understanding, managing, and expressing cybersecurity risk both internally and externally. It can be used to help identify and prioritize actions for reducing cybersecurity risk, and it is a tool for aligning policy, business, and technological approaches to managing that risk.
The original version of the Framework (version 1.0) was developed in a year-long, collaborative process in which NIST served as a convener for industry, academia, and government stakeholders. This collaboration continues under the direction of the Cybersecurity Enhancement Act of 2014, as NIST works with stakeholders from across the country and around the world to develop and evolve the Framework.
➝ Learn more about the Framework on nist.gov/cyberframework.
Explore trending news in Cyber security:
A survey finds that the majority of operators have been hit by two or more cyber attacks over the past two years.
Expanded program portfolio seeks to increase access to DoD-specific electronics manufacturing capabilities, enhance hardware security, and ensure ERI investments translate to DoD applications
Cincinnati Enquirer — The Cincinnati area will get new help in its opioid fight through a pilot partnership with U.S. Homeland Security’s Science and Technology division that could yield a nationwide response to the epidemic.
StateScoop — At a "smart regions" conference in Ohio, representatives from several jurisdictions pledged to use technology to reduce drug overdoses.
CINCINNATI -- A partnership among businesses, educators and agencies is working to turn Cincinnati into the Silicon Valley of the Midwest. Local schools are training the next generation of cyber experts.
New York City aims to become the mecca of cybersecurity innovation through Cyber NYC, a $30 million investment initiative focused on five key technology programs, the New York City Economic Development Corporation (NYCEDC) announced on Tuesday.
The Wi-Fi Protected Access 3 (WPA3) security certificate protocol provides some much-needed updates to the WPA2 protocol introduced in 2004. Rather than a wholesale reworking of Wi-Fi security, WPA3 is focused on bringing new techniques to bear against the cracks that have begun to show in WPA2.
The potential of autonomous vehicles could generate a fundamental shift in our society. Market predictions suggest that by 2025 autonomous vehicles market could be worth $6 billion and a reported estimate of $80 billion has been invested in the entire space during the last 3 years.
CTIA manages a cybersecurity certification program for Internet of Things (IoT) devices, establishing an industry baseline for device security on wireless networks. The CTIA IoT Cybersecurity Certification Test Plan supports a variety of use cases and levels of device sophistication.
Smart Cities around the world are at risk of getting hacked in everything from traffic control to flood prevention even as they spend $81 billion globally this year on data sensors to collect and integrate information.