The White House and NIST have yet to share detail on how the framework will be structured.

The document adds a section on the tenets of the security philosophy and adopts longstanding federal language around approaches.

The department has launched risk analysis initiatives at national labs, rather than waiting for the perfect metrics, to establish standards.

“I am extremely bullish on innovation in the area of digital identity and privacy with government agencies going forward," said one privacy expert.

Cybersecurity Maturity Model Certification will be the new DOD contractor cybersecurity rules.

There are about 150 open cybersecurity oversight recommendations the Pentagon still needs to deal with, and some are more than just a few years old.