By Amber Corrin
In the latest iteration of legislation aimed at strengthening defenses against cyber attacks, a leading role for the National Institute of Standards and Technology in protecting critical infrastructure would be formalized and reinforced, writing into law what President Obama’s executive order directed: NIST’s charge to develop a comprehensive cybersecurity framework.
The measure, introduced July 24 by Senate Commerce, Science and Transportation Chairman Jay Rockefeller (D-W.Va.) and backed by ranking member John Thune (R-S.D.), also would include standards, guidelines and best practices for U.S. businesses, including those that oversee operation of critical infrastructure.
NIST’s work on the cybersecurity framework already is under way, with an initial version due in October. For the past several months, NIST officials have convened meetings with industry and the general public that will underpin the framework, which relies heavily on private sector participation.
The bill also targets investment in research and development, public awareness and cybersecurity workforce improvement.
“I’ve always thought this was a great way to emphasize the critical need for a public-private approach when it comes to solving our most pressing cybersecurity issues,” Rockefeller said in a statement. “NIST is a jewel of the federal government and it’s the right organization to guide this very important work.”