ANSI - American National Standards Institute
 Print this article  Previous Next 

NIST Releases Second Draft to Cybersecurity Framework, ANSI Encourages Stakeholders to Comment

Submit Comments by January 19


The U.S. Commerce Department's National Institute of Standards and Technology (NIST) has issued the second draft of the proposed update to the Framework for Improving Critical Infrastructure Cybersecurity—also known as the Cybersecurity Framework. The American National Standards Institute (ANSI) encourages all relevant stakeholders to submit draft comments to NIST by the deadline on Friday, January 19, 2018.

Created through collaboration between industry and government, the Cybersecurity Framework was released in 2014 as a result of an executive order signed by former president Barack Obama, “Improving Critical Infrastructure Cybersecurity.” The framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure, and uses a common language to address and manage cybersecurity risk in a cost-effective way based on business needs without placing additional regulatory requirements on business.

The second draft aims to clarify, refine, and enhance the framework, amplifying its value and making it easier to use. The latest draft reflects comments received to date, including those from a public review process launched in January 2017 and a workshop in May 2017.

ANSI encourages its stakeholders to submit comments for the latest draft of Cybersecurity Framework version 1.1. A draft Roadmap has also been included for comment. All comments are due to NIST by 11:59 PM on Friday, January 19, 2018 via NIST reports that it anticipates finalizing Cybersecurity Framework version 1.1 in Spring 2018.


Learn how strategic standardization is helping companies build their bottom line