Regulation Watch

NIST Releases Cybersecurity Framework

By William B. Wilhelm, Regulation Watch | May 12, 2014

On Feb. 10, 2014, the National Institute of Standards and Technology issued the “Framework for Improving Critical Infrastructure Cybersecurity.” The framework follows President Obama’s Executive Order 13636, issued in February 2013, directing NIST to create a set of voluntary industry standards and best practices to help organizations manage cybersecurity risks.

The NIST framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes. It instructs organizations on how to assess their current level of cybersecurity, set goals for improving cybersecurity, and creates a plan for implementing those goals. NIST intends to update the framework to keep pace with changes in technology.

The framework is focused on critical infrastructure, which includes utilities, financial services, telecommunications, chemicals, food and agriculture, and health care. Although businesses are not required to adopt the NIST framework, the framework will be used as a roadmap for future cybersecurity-related undertakings in the United States, even in non-critical infrastructure areas. Federal and private incentives (cybersecurity insurance, grants, liability limitations, etc.) will likely encourage industry participation in the NIST framework. Implementation of NIST standards may also affect business-to-business relationships, court liability in the event of future breaches, and may be used as the basis for future legislation. Businesses that participate in the framework may therefore have an opportunity to shape the guidelines and determine an appropriate standard before it becomes mandated by law.

As providers of advanced communications services, VoIP providers should take particular note of the cybersecurity framework and ensure that they have considered potential cyber threats to their networks, customers and business operations; have taken steps to mitigate those threats; and have a plan for dealing with successful attacks.

William B. Wilhelm (News - Alert) is a partner and Jeffrey R. Strenkowski is counsel at the global law firm of Bingham McCutchen LLP (www.bingham.com).

Edited by Maurice Nagle

» Recent Table of Contents

INTERNET TELEPHONY Newsletter

Get the latest expert news, reviews & resources. Tailored specifically for VoIP and IP Communications.

Subscribe Now!

Strategic Solutions Series
Supplement on Hosted VoIP

A Look at the Hosted VoIP Market

Unified Communications as a Service

GO!VBX Sets New Pricing Model for Hosted PBX Services and Now includes Unified Communications

Enabling Businesses to Adopt Affordable, Whole Enterprise IP Communications

Latest From INTERNET TELEPHONY

Beanfield Metroconnect Taps Ribbon to Optimize Microsoft Teams with Direct Routing

As Cloud Communications Continue To Thrive, Kandy and IBM Tie Ribbon Around Secure UCaaS For Financial Services Firms

As TDM Declines, ATCA Tech Symposium Explores Migration to IP as Step One in Digital Transformation

Ribbon Continues to Wrap Around Teams as Demand for Microsoft's Popular Platform Surges

As Work from Home Changes How We Communicate, Communications Providers Look to 5G and Advanced Wi-Fi for Speed, Convenience and Security

Carl's Jr Streamlines Process Management with a Flexible Unified Communications Solution

Technology Marketing Corporation,
2 Trap Falls Road Suite 106, Shelton, CT 06484 USA
Ph: 800-243-6002, 203-852-6800

Contact us
Technology Marketing Corp. © 2023 Copyright.

IT Mag Content

IT Mag Resources