NIST identifies objectives for cyber standards
The National Institute of Standards and Technology is proposing four broad objectives as the foundation for international standards in cyberspace.
A new document drafted by the National Institute of Standards and Technology proposes four broad objectives for the government’s pursuit of international standards in cyberspace: improve national and economic security; ensure standards are technically sound; support standards that promote international trade; and develop standards in tandem with industry to boost innovation.
The draft guidance will be the basis of a report the administration owes Congress by December outlining how agencies will collaboratively come up with global cybersecurity standards.
If fully implemented, the guidance will “enable a comprehensive United States cybersecurity standardization strategy,” the document said. It is the latest federal contribution to the still-maturing field of global cyber standards. The State Department has been lobbying at the United Nations for a set of peacetime norms.
A new White House-led interagency group should implement the strategic objectives, the document recommended. Among the other suggestions were that agencies make long-term investments in standards development, and that they collaborate with the private sector through consensus and not by fiat.
The document also encouraged federal cybersecurity officials to regularly check in with their counterparts in “key partner countries.” NIST itself has been an ambassador for U.S. cybersecurity policy. Officials from the standards organization last year traveled the globe promoting its framework for protecting critical infrastructure, which one official called “a potential model for furthering international dialogue.”
The public comment period for the NIST draft document ends Sept. 24.