Cybersecurity Framework FAQs Further Questions

FURTHER QUESTIONS
45. How can I ensure resources or case studies my organization has released publicly are visible for others to use?
46. Who can answer additional questions regarding Framework?
47. How do I sign up for the mailing list to receive updates on the NIST Cybersecurity Framework?
48. How can I share my thoughts or suggestions for improvements to the Cybersecurity Framework with NIST?

FURTHER QUESTIONS

45. How can I ensure resources or case studies my organization has released publicly are visible for others to use?
Share them with NIST via email (cyberframework [at] nist.gov (cyberframework[at]nist[dot]gov)), sector organizations (where applicable), trade and professional associations, and post information on your organization's website.

46. Who can answer additional questions regarding Framework?
Review the NIST Cybersecurity Framework web page for more information, contact NIST via email (cyberframework [at] nist.gov (cyberframework[at]nist[dot]gov)), and check with sector or relevant trade and professional associations.

47. How do I sign up for the mailing list to receive updates on the NIST Cybersecurity Framework?
To receive updates on the NIST Cybersecurity Framework, you will need to sign up for NIST E-mail alerts. The sign-up box is located at the bottom-right hand side on each Cybersecurity Framework-based web page, or on the left-hand side of other NIST pages. Once you enter your email address and select a password, you can then select "Cybersecurity Framework" under the "Subscription Topics" to begin receiving updates on the Framework. If you see any other topics or organizations that interest you, please feel free to select those as well. You may change your subscription settings or unsubscribe at anytime.

48. How can I share my thoughts or suggestions for improvements to the Cybersecurity Framework with NIST?
There are many ways to participate in Cybersecurity Framework.

Participation in NIST Workshops, RFI responses, and public comment periods for work products are excellent ways to influence NIST Cybersecurity Framework documents. Less formal but just as meaningful, as you have observations and thoughts for improvement, please send those to cyberframework [at] nist.gov (cyberframework[at]nist[dot]gov). We value all contributions through these processes, and our work products are stronger as a result.

Participation in the larger Cybersecurity Framework ecosystem is also very important. NIST's vision is that various sectors, industries, and communities customize Cybersecurity Framework for their use. Customization efforts include:

• cross-walking key legislation and regulation to the Cybersecurity Framework (e.g., Health and Human Services' HIPPA Security Rule Crosswalk to NIST Cybersecurity Framework),
• developing Profiles that reflect business/mission priorities of a given stakeholder group (e.g., Federal Communications Commission (FCC) Communications, Security, Reliability and Interoperability Council's (CSRIC) Cybersecurity Risk Management and Best Practices Working Group 4: Final Report),
• publishing case studies on Cybersecurity Framework implementation (e.g., An Intel Use Case for the Cybersecurity Framework in Action)

More examples of similar work products are available at our Industry Resources page ( http://www.nist.gov/cyberframework/cybersecurity-framework-industry-resources.cfm).

If you develop similar resources, NIST is happy to consider them for inclusion in the Industry Resources page.

Thank you very much for your offer to help. Please keep us posted on your ideas and work products.