NIST Issues Request for Information on Improving Cybersecurity Practices

Don Miller

Last week, we told you about the White House’s attempt to address the data security crisis through issuance of an Executive Order entitled Improving Critical Infrastructure Cybersecurity (“EO”).  As part of this process, the National Institute of Standards and Technology (NIST) is tasked with developing a baseline framework of best practices to help reduce cyber risks.  To that end, NIST recently released a Request for Information  seeking comments about how best “to guide industry in reducing cyber risks to the networks and computers that support critical infrastructure vital to the nation’s economy, security and daily life.”

NIST has not defined that which will be considered “critical infrastructure,” but it did make specific reference to infrastructure of concern from five specific sectors:  telecommunications, energy; financial services; water and transportation.  Businesses in these five sectors with the potential to be deemed “critical infrastructure” should pay close attention to the development of the best practices framework, as well potential risks for failing to implement any aspects of framework that is eventually developed.  Comments to the initial RFI are due by 5 p.m. ET, April 8, 2013, and should be sent to with the subject line: “Developing a Framework to Improve Critical Infrastructure Cybersecurity.”

Because more and more critical services are being controlled or managed via the Internet, all businesses (not just those operating within any of five critical infrastructure sectors) should examine their current networks/computers and assess corresponding data security practices.  bTrade has 20+ years of experience in various aspects of cybersecurity, including encryption, secure communication protocols and the secure/managed file transfer processes.  To learn more about how we can assist with your data security needs, please contact us at

bTrade secure control