I'll oversimplify this to keep it short, but the President kicked all of this off earlier this year in wake of failed cyber security legislation efforts in 2010 (GRID Act) and 2012 (Cybersecurity Act of 2012).
The two primary vectors on this project have included:
The two primary vectors on this project have included:
- Having NIST lead the charge to develop a new cyber security framework (i.e., pattern, roadmap, guidance) made up of references to existing guidance that seem to work well. On twitter this effort is tagged #NISTCSF
- A parallel initiative to develop incentives that might improve the business case for being more proactive on cyber security.
- Cybersecurity Insurance
- Grants
- Process Preference
- Liability Limitation
- Streamline Regulations
- Public Recognition
- Rate Recovery
- Cybersecurity Research
Liability and insurance are going to be the thorniest. And rate recovery help, if workable, sounds promising.
You ran read The Hill's coverage and the original White House text via URLs below, as well as check out the current status and next activities related to the framework.
----
URLs
The Hill
http://thehill.com/blogs/hillicon-valley/technology/315795-white-house-publishes-preliminary-list-of-cybersecurity-incentives
White House
http://www.whitehouse.gov/blog/2013/08/06/incentives-support-adoption-cybersecurity-framework
NIST CSF
http://www.nist.gov/itl/cyberframework.cfm
