Cybersecurity Framework Seeks to Help Industry Manage Critical Infrastructure Risks

The Obama administration has launched a voluntary Cybersecurity Framework, meant to serve as a how-to guide for industry to manage cyber risks. The framework, developed by the Commerce Department’s National Institute of Standards and Technology during the past year with input from organizations and individuals from around the world, offers broad guidelines to strengthen “the security and resiliency of critical infrastructure in a model of public-private cooperation,” according to a White House press release.

The framework has three components—the Framework Core, Profiles and Tiers— to reinforce the connection between business activities and cybersecurity. The Department of Homeland Security (DHS) also has started the Critical Infrastructure Cyber Community (C3) Voluntary Program as a public-private partnership to raise awareness of the framework. The program will link companies and partners from all levels of government to federal resources in an effort to manage cyber risks.