Executive Order 13636, Improving Critical Infrastructure Cybersecurity, directed NIST towork with stakeholders to develop a voluntary framework for reducing cyberrisks to critical infrastructure. Version 1.0 of the Cybersecurity Framework, released on February 12, 2014, was developed in an open manner with input from stakeholders in industry, academia, and government, including a public review and comment process, workshops, and other means of engagement.
In the time since the Framework's publication, NIST's primary goal has been to raise awareness of the Framework and encourage its use as a tool to help industry sectors and organizations manage cybersecurity risks.
The purpose of this workshop is to gather input to help NIST understand stakeholder awareness of, and initial experiences with, the framework and related activities to support its use. NIST is planning to release a formal Request for Information (RFI) asking for further feedback in these areas. Responses to the RFI will inform the workshop agenda.
Critical Infrastructure Owners and Operators and cybersecurity staff. Specifically those who have operational, managerial and policy experience and responsibilities for cybersecurity, technology and/or standards development for CriticalInfrastructure companies.