Removing Barriers Blog

Comment Letter to NIST on Cybersecurity Framework
Posted February 10, 2016 by CUNA Advocacy

We recently filed a comment letter with the National Institute of Standards and Technology (“NIST”) regarding views on the “Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0” (the “Cybersecurity Framework”).  NIST requested information about the variety of ways in which the Cybersecurity Framework is being used to improve cybersecurity risk management, how best practices for using the Cybersecurity Framework are being shared, the relative value of different parts of the Cybersecurity Framework, the possible need for an update of the Cyber security Framework, and options for the long-term governance of the Cybersecurity Framework.

Our letter addressed steps the U.S. government should take in addressing best practices and whether NCUA should consider transitioning some or all of the Cybersecurity Framework’ coordination to another organization. We also worked with the Financial Services Sector Coordinating Council (“the FSSCC”), of which CUNA is a participating member, in developing a comment letter that addresses the request for information more broadly.