The White House wants the rest of the U.S. government to do more to participate in developing international cybersecurity standards.
In a blog post from Dec. 23, White House Cybersecurity Coordinator Michael Daniel announced the release of an interagency report that outlined various ways the government can collaborate with international standards development groups. The report, co-authored by the National Security Council and the Information Technology Laboratory at the National Institute of Standards and Technology, highlights what technology areas need new standards, why standards need to evolve and how the U.S. can participate on an international scale.
Daniel writes that working with the global community to set these standards is essential so private industry can conduct their cybersecurity operations in the same manner regardless of where they hold their operations.
“U.S. companies are most effective when they can rely on the same cybersecurity standards overseas as they do in the United States,” he writes. “Not only do common standards make it easier for product development and sales, companies can more easily maintain and enhance network defense and resilience, which are vital in today’s world of diverse cyber threats.”
The report notes that a number of standards organizations are working to create new standards as technology evolves. A table contained in the report shows calls for new standards across a number of different technology sectors, including security automation in industrial control, smart grid and voting systems.
The report also makes a number of suggestions for the government, including that it should reach out to private industry, academia and professional associations to grasp what is needed to make their standards robust enough to cover emerging technology but also flexible enough to adjust to future innovations.
Eight recommendations are made in the report, which focus on having federal agencies insert standards development into their mission objectives, enhance information sharing practices and promote standards that are already in place inside the government, such as the Federal Risk and Authorization Management Program, or FedRAMP.
“The development of international standards for cybersecurity promotes U.S. interests by facilitating interoperability, security, usability and resilience; improving trust in online and offline transactions; promoting innovation and competitiveness; and helping U.S. products and services compete in global markets.”
Read the full report and its supplemental guide below.
Contact the reporter on this story via email at firstname.lastname@example.org, or follow him on Twitter at @gregotto. His OTR and PGP info can be found here. Subscribe to the Daily Scoop for stories like this in your inbox every morning by signing up here: fdscp.com/sign-me-on.