收藏本站   设为首页
当前位置:国外标准化动态 > 中美 > 正文

NIST发布第二份网络安全框架草案,ANSI鼓励利益相关方发表意见

发布时间: 2018-01-31 15:02:40   审校:睿智   浏览次数:
来源:https://www.ansi.org/news_publications/news_story?menuid=7&articleid=cde5f62c-3ee2-4146-9753-9e6e0dd  

美国商务部美国国家标准与技术研究院(NIST)发布了拟更新的第二版 “提升关键基础设施网络安全框架”(也称为“网络安全框架”)。美国国家标准协会 (ANSI)鼓励所有利益相关者在2018119(星期五)前向NIST提交意见稿。

为配合前总统奥巴马(Barack Obama)签署行政命令“提升关键基础设施网络安全”, 网络安全框架由行业与政府在2014年合力推出。

网络安全框架分为三个部分:提升关键基础设施保护的标准、指南、规程,根据商业需求以经济高效的方式和通用语言解决和管理网络安全风险,而无需对商业提出额外的监管要求。

第二版草案旨在阐明、改善、加强框架,提升其价值,使其更易于使用。最新的草案反映了迄今为止收到的意见,来源包括2017年1月启动的公开复审程序和2017年5月的研讨会。

ANSI鼓励利益相关方就 最新的 1.1版本网络安全框架草案和路线图发表意见,并把意见发送至viacyberframework@nist.gov,截止时间为2018年1月19日(星期五)23:59。

NIST称,1.1版网络安全框架预计在2018年春季完成。

 

NIST Releases Second Draft to Cybersecurity Framework, ANSI Encourages Stakeholders to Comment

The U.S. Commerce Department'sNational Institute of Standards and Technology (NIST) has issued the second draft of the proposed update to the Framework for Improving Critical Infrastructure Cybersecurity—also known as the Cybersecurity Framework. The American National Standards Institute (ANSI) encourages all relevant stakeholders to submit draft comments to NIST by the deadline on Friday, January 19, 2018.

Created through collaboration between industry and government, the Cybersecurity Framework was released in 2014 as a result of an executive order signed by former president Barack Obama, “Improving Critical Infrastructure Cybersecurity.” The framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure, and uses a common language to address and manage cybersecurity risk in a cost-effective way based on business needs without placing additional regulatory requirements on business.

The second draft aims to clarify, refine, and enhance the framework, amplifying its value and making it easier to use. The latest draft reflects comments received to date, including those from a public review process launched in January 2017 and a workshop in May 2017.

ANSI encourages its stakeholders to submit comment for the latest draft of Cybersecurity Framework version 1.1 and the draft Roadmap, are due to NIST by 11:59 PM on Friday, January 19, 2018 viacyberframework@nist.gov. NIST reports that it anticipates finalizing Cybersecurity Framework version 1.1 in Spring 2018.

京ICP备09001239号
网站管理:国家标准化管理委员会标准信息中心
地址:北京海淀区马甸东路9号 邮编:100088 邮箱:info@sac.gov.cn
客服热线:010-82261056 QQ号:3433774297