"Please send comments to firstname.lastname@example.org (Subject: “Comments on Draft NISTIR 8074”). The public comment period closes September 24, 2015. Those responding are encouraged to use the Comments Templates provided below.
Comment Template for Volume 1
Volume 2: Supplemental Information for the Report
Comment Template for Volume 2
Interagency Report Advocates Support for International Cybersecurity Standardization From NIST Tech Beat: August 11, 2015
"A new draft report by an interagency working group lays out objectives and recommendations for enhancing the U.S. government's coordination and participation in the development and use of international standards for cybersecurity. The report recommends the government make greater effort to coordinate the participation of its employees in international cybersecurity standards development to promote the cybersecurity and resiliency of U.S. information and communications systems and supporting infrastructures. These efforts should include increased training, collaborating with private industry and working to minimize risks to privacy.
The draft report outlines four U.S. government strategic objectives for the development and use of international standards for cybersecurity:
- Enhancing national and economic security and public safety
- Ensuring standards and assessment tools for the U.S. government are technically sound
- Facilitating international trade
- Promoting innovation and competitiveness
The U.S. standards system differs significantly from the government-driven, centrally coordinated systems common in many other countries. Under the U.S. system, hundreds of standards development organizations (SDOs) provide the infrastructure for the preparation of standards documents. While these organizations are overwhelmingly private sector, government personnel participate in standards development activities along with representatives from industry, academia, and other organizations and consumers.
A supplement to the draft report provides a summary of ongoing activities in critical international cybersecurity standardization and an inventory of U.S. government and private-sector engagement. It also provides guidance for agencies to plan and coordinate more effective participation in these activities.
The working group's draft report supports the 2010 United States Standards Strategy, which was developed through a public-private partnership and outlines the contribution of private-sector led standards development to overall competition and innovation in the U.S. economy and the imperative of public and private-sector participation and collaboration.
The full Report on Strategic U.S. Government Engagement in International Standardization to Achieve U.S. Objectives for Cybersecurity [NISTIR 8074 Volume 1 (Draft)] and supplement [NISTIR 8074 Volume 2 (Draft)] can be found on the NIST website.