Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

Washington
New NIST cybersecurity framework contains CUNA suggested changes
WASHINGTON (2/13/14)--The National Institute of Standards and Technology's (NIST) final "critical infrastructure" cybersecurity framework, released Wednesday, contains several improvements advocated by the Credit Union National Association. For instance, NIST dropped the proposed Appendix B, which potentially would have required a prescriptive set of steps regarding privacy and civil liberties.

CUNA had urged NIST to recognize that existing, robust data security requirements and standards already apply to financial institutions.

The framework was released as part of President Barack Obama's executive order on "critical infrastructure" cybersecurity. This voluntary framework is intended to improve U.S. cybersecurity among all critical sectors, including financial services, and should complement existing standards and rules.

NIST said in a release that the framework consists of three parts:
  • The framework core, which is a set of cybersecurity activities, outcomes, and informative references that are common across critical infrastructure sectors;;
  • The framework profile, which will help organizations align their cybersecurity activities with its business requirements, risk tolerances, and resources; and
  • The framework implementation tiers, which provide a mechanism for organizations to view and understand the characteristics of their approach to managing cybersecurity risk.
"The framework enables organizations--regardless of size, degree of cybersecurity risk, or cybersecurity sophistication--to apply the principles and best practices of risk management to improving the security and resilience of critical infrastructure," NIST said.

NIST said its framework will be updated and improved as industry provides feedback on implementation. 

CUNA is reviewing the final framework, and commended NIST on Wednesday for taking positive steps by engaging with the financial sector.

CUNA also urged NIST and other government entities to address cybersecurity issues and to coordinate closely with all financial regulators, including the National Credit Union Administration, to ensure the framework is consistent with, and does not expand the scope of, existing rules and regulations for credit unions.
RSS





print
News Now LiveWire
.@LACULeague in @DailyComet: #creditunions' "old" benefits attractive to new generation http://t.co/AzOv3nB7IB
14 hours ago
At @FTC request, court halts operations of an alleged debt-relief scammer calling itself “FTC Credit Solutions.” http://t.co/qMsDBmKExH
19 hours ago
.@daytondailynews : The secret is out about #creditunions http://t.co/Aqu3pFTROV @DayAirCU @CODECreditUnion
20 hours ago
.@CUNA's @Nussle on @SenatorReid :(2of2)On behalf of more than 102M #CU members,I thank him 4 his leadership over the yrs/wish him the best.
22 hours ago
.@CUNA CEO Nussle on Sen. Reid’s decision not 2 seek re-election (1of2): Sen. Reid has a long history of #CU support throughout his career.
22 hours ago