The departments of Homeland Security and Treasury and the National Institute of Standards and Technology will be responsible for determining critical infrastructure at risk of cyber attacks under an executive order released last week.Federal Times reports the order directs those agencies to collaborate with industry on developing voluntary security standards companies that run critical infrastructure such as electricity grids and utility plants.
The order also directs the agencies to make sure companies get information about cyber threats, Nicole Blake Johnson writes.
NIST is directed to publish a draft cybersecurity framework by October with those standards and to publish a final version of that framework within a year in collaboration with DHS, the report said.
Agencies that currently hold regulatory authority, such as the departments of Agriculture and Health and Human Services, are directed to consider changing standards from voluntary to mandatory, according to Federal Times.
