NIST Cybersecurity Framework: Don’t Underestimate It

A cybersecurity framework for critical infrastructure owners is voluntary but will become the de facto standard for litigators and regulators. Here’s how to prepare.

Any company that is managing critical infrastructure in the US and disregards the Preliminary Cybersecurity Framework, issued by the National Institute of Standards and Technology (NIST) in late October, does so at its own peril. The framework, which is now in its final comment stage and due to be released in mid-February, lays out a set of comprehensive but voluntary cybersecurity practices.

However, critical infrastructure owners need to recognize that, if a company’s cybersecurity practices are ever questioned during a regulatory investigation and litigation, the baseline for what’s considered commercially reasonable is likely to become the NIST Cybersecurity Framework.

via NIST Cybersecurity Framework: Don’t Underestimate It – InformationWeek.

———————————————-

Journal of Law & Cyber Warfare | www.jlcw.org The Journal of Law & Cyber Warfare provides a public peer-reviewed law publication to foster open discussion and education of technology, government and legal stakeholder in relation to the complex issue of cyber warfare.  Journal of Law & Cyber Warfare accepts articles written by military, technology, judges, government officials, academic and legal practitioners.  The Journal of Law & Cyber Warfare provides a public peer-reviewed law publication to foster open discussion and education of technology, government and legal stakeholder in relation to the complex issue of cyber warfare.  Journal of Law & Cyber Warfare accepts articles written by military, technology, judges, government officials, academic and legal practitioners. The Journal of Law & Cyber Warfare is honored by the world class caliber editorial board that is involved with the Journal. Thought leaders from forensics, law, warfare, and cyber security are on the Board. The Journal is always looking for interested thought leaders who believe they can contribute in a meaningful fashion to the development of cyber warfare scholarship.