In a webinar, Steven Chabinsky, Cyber Columnist for Security and General Counsel and Chief Risk Officer for CrowdStrike, discussed NIST’s cybersecurity framework and its future.
NIST’s Framework-work is now law, he said, so it’s here to stay. The Cybersecurity Enhancement Act of 2014, passed into law on December 18, 2014, authorizes NIST to facilitate and support the development of voluntary, industry-led cyber standards and best practices for critical infrastructure – codifying elements of the successful process through which the NIST Cybersecurity Framework was developed.