The National Institute of Standards and Technology has addressed concerns over a voluntary cybersecurity framework targeted implemetation in October, FedScoop reported Thursday.
Cory Bennett writes the framework is part of a February executive order that aims to apply data sharing capabilities to tackle and counter threats against the U.S.’ information technology and communications infrastructure.
The article says government officials gathered on Capitol Hill on Thursday to discuss the framework with NIST and other agencies involved as lawmakers pointed out potential problems including civil-liberties infringement and privacy issues.
Bennett reports a series of workshops were intended to combine academic, federal and industry feedback that would form universal standards for the voluntary cybersecurity framework.
“We’ve achieved a lot of consensus over a short time on a framework,” Chuck Romine, NIST information technology lab director, said in a FedScoop article.
“We want to bake privacy and civil liberties into all the work we do,” Romine added.
Rep. Pat Meehan, House Subcommittee on Cybersecurity chairman, led a number of legislators in expressing apprehension that the framework would eventually morph from voluntary to mandatory in nature.
“I’d like to explore the extent to which people see this framework as the basis for further activity,” he said, adding: “I’m aware of a number of ‘shalls’ in the executive order.”