Adam Meyer on Implementing the Cyber Security Framework

While the Federal Cyber Security Framework (CSF) drafting process has been one of the better collaboration exercises the government and private sector have engaged in for quite some time, it has also put the spot light on the many challenges associated with critical infrastructure cyber security.

The CSF is the result of industry stakeholders and the National Institute of Standards and Technology (NIST) collaborating on the selection of key security controls from various existing frameworks like the Top 20 Critical Controls, ISO 27k, NERC CIP, COBIT and more, along with industry input.

The effort is aimed at consolidating these controls into one streamlined document to produce a security capability maturity model propelled by stakeholder incentives to encourage adherence to parameters which are currently unknown.