On April 5-7 2016, the National Institute of Science and Technology (NIST) hosted a workshop on its popular Framework for Improving Critical Infrastructure Cybersecurity (the “Framework”). The workshop was preceded by a request for information that prompted 105 responses, many from industry associations representing hundreds of companies. The discussions at the workshop are likely to influence key aspects of the Framework’s future, including who oversees stewardship of the Framework, areas of focus for revisions, guidance on implementation, and the introduction of metrics or conformance standards.
An article recently published in the IAPP Privacy Advisor offers a recap of discussions at the NIST Workshop, and what it may mean for The Future of the NIST Cybersecurity Framework.