As we all know, the National Institute of Standards and Technology (NIST) is the exemplary touchstone of managing cyber-threats. Currently, it is collecting opinions on how efficient their Cybersecurity Framework is and ways to make Critical Infrastructure Cybersecurity superior.
Breaf Information About NIST Cybersecurity Framework
NIST launched its Cybersecurity Framework in 2014. It aims to assist organizations of public and private sectors in practicing cybersecurity requirements all over the world. It means that the framework helps to detect cyber-attacks and threats and to make the defense more reliable and faster. Also, there are translations into a great number of languages.
The last upgrade of the Framework was in 2018. A lot of things in the field of cybersecurity have changed since that time. Not only did new methods and procedures emerge, but hackers became more sophisticated when it comes to data breaches.
Why Healthcare Organization Don’t Adhere to NIST Cybersecurity Standards?
Healthcare organizations quit keeping up with NIST cybersecurity standards as there are many risks. In 2020 research CynergisTek has specified that only 44% of health agencies hold on to their standards. Even though breaches of personal health data have increased in recent years. So, NIST wants to know what kind of risks healthcare organizations have faced while setting the Framework to the working process, possible inconsistency with other cybersecurity frameworks, and ways of connecting to the NIST Cybersecurity Framework. And, finally, The National Institute of Standards and Technology wants to gather suggestions on new tools and features to add to the Cybersecurity Framework, possible changes, fixes and updates, and any other ways to make the Framework more serviceable.
NIST’s Request for The Public Information
To highlight the written above, on February, 22 NIST laid open to the public a request for information (RFI):
The National Institute of Standards and Technology (NIST) is seeking information to assist in evaluating and improving its cybersecurity resources, including the Framework for Improving Critical Infrastructure Cybersecurity and a variety of existing and potential standards, guidelines, and other information, including those relating to improving cybersecurity in supply chains.
NIST additionally notified that they are going to put into operation the National Initiative for Improving Cybersecurity in Supply Chains (NIICS):
That includes an increased awareness of and emphasis on cybersecurity risks in supply chains, including a decision to launch NIICS. With those changes in mind, NIST seeks to build on its efforts to cultivate trust by advancing cybersecurity and privacy standards and guidelines, technology, measurements, and practices by requesting information about the use, adequacy, and timeliness of the Cybersecurity Framework and the degree to which other NIST resources are used in conjunction with or instead of the Framework.
NIST should receive all comments concerning improvements until April 25, 2022, for further consideration. Stay with HIPAA Software News to stay up to date!
