Input due to DOC by February 12
The American National Standards Institute (ANSI) encourages its members and stakeholders to respond to a newly released draft report by the U.S. Department of Commerce (DOC) and the U.S. Department of Homeland Security (DHS), issued as a response to the May 11, 2017, Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. The draft report highlights the role of globally relevant standards in strengthening cybersecurity worldwide.
Responses are due to DOC at Counter_Botnet@list.commerce.gov
by 5 p.m. ET on February 12, 2018
The Executive Order called for "resilience against botnets and other automated, distributed threats," directing the departments to "lead an open and transparent process to identify and promote action by appropriate stakeholders" with the goal of "dramatically reducing threats perpetrated by automated and distributed attacks (e.g., botnets)."
DOC and DHS identified five complementary goals that would improve the resilience of the ecosystem:
- Identify a clear pathway toward an adaptable, sustainable, and secure technology marketplace
- Promote innovation in the infrastructure for dynamic adaptation to evolving threats
- Promote innovation at the edge of the network to prevent, detect, and mitigate bad behavior
- Build coalitions between the security, infrastructure, and operational technology communities domestically and around the world
- Increase awareness and education across the ecosystem
The draft report emphasizes the need to augment standards to improve the resilience of the ecosystem. According to the document, "the U.S. government and industry should also jointly engage with developers of international standards and specifications, such as the IETF and the Joint Technical Committee 1 of the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) (ISO/IEC JTC 1), to establish globally relevant standards. As these standards evolve, federal profiles should be re-aligned or replaced as appropriate."
About ISO/IEC JTC 1
The joint technical committee of ISO and IEC, ISO/IEC JTC 1
, Information technology,
is a consensus-based, voluntary international standards group that works as a highly productive collaboration between ISO and IEC. More than 3,700 experts from 32 participant member countries come together in JTC 1 to develop mutually beneficial standards that enhance global trade while protecting intellectual property. The U.S. plays a leading role in ISO/IEC JTC 1, with ANSI holding the secretariat and Phil Wennblom (U.S.) of Intel serving as the JTC 1 Chair.
Read the full report for public comment: Enhancing the Resilience of the Internet and Communications Ecosystem Against Botnets and Other Automated, Distributed Threats
Submission details are available on Commerce.gov
. Following the comment period, DOC will host a two-day workshop on February 28 and March 1 at the National Institute of Standards and Technology
's (NIST) National Cybersecurity Center of Excellence in Rockville, MD. A final report, incorporating comments and other feedback received, is due to the President on May 11, 2018.