Home / News / NIST Releases Guidance on Federal Infrastructure Cybersecurity

NIST Releases Guidance on Federal Infrastructure Cybersecurity

The National Institute of Standards and Technology has issued a guidance to help federal agencies implement a cybersecurity framework developed by NIST in partnership with the private and public sectors.

NIST’s guidance states that the Framework for Improving Critical Infrastructure Cybersecurity is meant to help agencies streamline their efforts focused on information security risk management. The guide includes use cases encompassing enterprise risk management, cybersecurity program management, acquisition procedures and risk reporting.

The agency noted that the framework aligns with requirements under the Federal Information Security Management Act to prevent “unauthorized access, use, disclosure, disruption, modification, or destruction of a federal information system or federal Information.”

Using a risk-based approach also enables agencies to determine risks relevant to the operational lifecycle and allocate appropriate resources to “treat those risks to an acceptable level,” according to NIST.

“It is vital that agency personnel at all levels manage their assets wisely and address cybersecurity risks effectively,” NIST said. “To do that, agencies need a holistic approach to their enterprises’ risk management that includes timely, streamlined approaches and automated tools.”

NIST noted that the new guidance complements its prior publications focused on risk management for information systems and information security risk.

Check Also

DOE Unveils R&D Funding Opportunity for Isotope Production

The Department of Energy (DOE) has earmarked $16 million in funds to support research and development initiatives for isotope production. DOE seeks to yield isotopes that are in shortage or unavailable for industrial, scientific and medical purposes through the funding opportunity, the department said Tuesday.