Events , Video

The Evolving Cybersecurity Framework

Adam Sedgewick: An Early Assessment on the Framework
The Evolving Cybersecurity Framework

The cybersecurity framework, the package of best IT security practices issued in mid-February, isn't set in stone, but will evolve in the coming weeks, months and years, says the framework's point man, Adam Sedgewick.

See Also: Bank Payment Clearance Vulnerabilities: Faster Payments, Faster Fraud?

In a video interview recorded at RSA 2014, Sedgewick:

  • Explains the key elements of the cybersecurity framework, which is designed to help critical infrastructure operators safeguard their information assets;
  • Addresses critics who say the framework is too simple to be effective and fails to address the costs to implement it; and
  • Discusses how the cybersecurity framework will evolve from version 1 that was issued in mid-February (see NIST Releases Cybersecurity Framework).

Sedgewick is the senior IT adviser at the National Institute of Standards and Technology's Information Technology Laboratory, and represents NIST on the Department of Commerce Internet Policy Task Force. He also advises NIST leaders on cybersecurity. Previously, Sedgewick served as senior adviser to the Federal Chief Information Officer Council, coordinating cross-agency initiatives and assisting in the implementation of Office of Management and Budget policy and directives. For nine years, he served on the staff of the Senate Committee on Homeland Security and Governmental Affairs, handling cybersecurity and federal information technology policy.


About the Author

Eric Chabrow

Eric Chabrow

Host & Producer, ISMG Security Report; Executive Editor, GovInfoSecurity & InfoRiskToday

Chabrow hosts and produces the semi-weekly podcast ISMG Security Report and oversees ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network