An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Framework for Improving Critical Infrastructure Cybersecurity
Published
Author(s)
Kevin M. Stine, Kim Quill, Gregory A. Witte
Abstract
Recognizing that the national and economic security of the United States depends on the resilience of critical infrastructure, President Obama issued Executive Order (EO) 13636, Improving Critical Infrastructure Cybersecurity, in February 2013. It directed NIST to work with stakeholders to develop a voluntary framework - based on existing standards, guidelines, and practices - for reducing cybersecurity risks. In support of this directive, the Computer Security Division (CSD) of NIST's Information Technology Laboratory (ITL) led the development of the Cybersecurity Framework. The Cybersecurity Framework provides a prioritized, flexible, repeatable, and cost-effective approach, including information security measures and controls to help owners and operators of critical infrastructure and other interested entities to identify, assess, and manage cybersecurity-related risk while protecting business confidentiality, individual privacy and civil liberties. To enable technical innovation and account for organizational differences, the Framework does not prescribe particular technological solutions or specifications.
Stine, K.
, Quill, K.
and Witte, G.
(2014),
Framework for Improving Critical Infrastructure Cybersecurity, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=915476
(Accessed October 11, 2024)