On February 26, the National Institute of Standards and Technology (NIST) published anotice in the Federal Register requesting comments on organizations’ cybersecurity policies and practices, in fulfillment of the February 12 White House Executive Order on cybersecurity.
Under Executive Order 13636: Improving Critical Infrastructure Cybersecurity, NIST is tasked with developing a cybersecurity framework consisting of "a set of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks." A draft framework is due in October.
Once the final framework is complete, designated federal agencies will be required to promote voluntary adoption of the framework by industries in their sectors, unless the agency has clear authority to require adoption. In the case of the water sector, EPA will be tasked with encouraging water and wastewater utilities (publicly owned and privately owned) to voluntarily implement the framework.
Comments are due to NIST by April 8, 2013. Members are encouraged to provide input for AMWA’s comments by March 29 and/or share their utility’s comments with AMWA as soon as possible before the NIST deadline of April 8. Comments and questions should be referred to AMWA's Michael Arceneaux at [email protected] or 202-331-2820.