The American National Standards Institute (ANSI) encourages all members and interested stakeholders to comment on nine recently released Request for Comment (RFC) documents regarding the development of effective voluntary standards and guidelines to foster information sharing on cybersecurity risks and incidents among private-sector entities and the federal government. Reflecting the work of the Information Sharing and Analysis Organization (ISAO) Standards Organization (SO), the RFCs were developed in response to the White House's Executive Order 13691, Promoting Private Sector Cybersecurity Information Sharing.
In 2015 President Obama issued the order [see the related ANSI coverage here] to encourage and promote sharing of cybersecurity threat information within the private sector and between the private sector and government. The development of voluntary standards and guidelines will help companies work together with the federal government to quickly identify and protect against cyber threats. The RFC documents, which span a range of topics represented by the ISAO SO's six Standards Working Groups (SWGs), are still under development, and ANSI encourages suggestions from stakeholders at this stage.
Comments are due by Friday, June 17, and can be submitted to the ISAO SO via the Draft Products page.
Based on comments received, the ISAO SO may elect to post additional RFCs before final standards and guidelines are made available under the Published Products page.
The ISAO SO has also scheduled a public meeting to discuss these draft documents, to be held May 19 in Anaheim, California. For additional information about the meeting, visit www.ISAO.org. Additional questions can be directed to [email protected].