Skip to main content
Menu Icon Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • NIST Releases Draft Cybersecurity Framework

    Privacy, Cyber Risk & Data Security

    Recently, the National Institute of Standards and Technology (NIST) released a discussion draft of its preliminary cybersecurity framework. Under an Executive Order issued earlier this year, NIST is tasked with developing standards, methodologies, procedures, and processes that will form a voluntary best practices framework to address cyber risks. The discussion draft framework provides a uniform guide for developing robust cybersecurity programs for organizations. It provides a common structure for managing cybersecurity risk, is intended to help organizations identify and understand their dependencies on business partners, vendors, and suppliers, and is designed to facilitate coordination of cybersecurity risk within industries. The Framework places cybersecurity activities into five functions – identify, protect, detect, respond, and recover – and urges organizations to implement capabilities in each area. NIST released the draft in advance of the Fourth Cybersecurity Framework workshop on September 11-13, 2013, at the University of Texas at Dallas. It also is accepting comments via email.

    NIST Privacy/Cyber Risk & Data Security

    Share page with AddThis