Chemical Sector Cybersecurity – Framework Implementation Guidance by CISA

The National Institute of Standards and Technology (NIST) Cybersecurity Framework provides a policy
framework of computer security guidance for how private sector organizations in the United States can
assess and improve their ability to prevent, detect, and respond to cyberattacks.1 It can be used to help
identify and prioritize actions for reducing cybersecurity risk, and it is a tool for aligning policy, business, and technological approaches to managing that risk. Different types of entities—including sector coordinating structures, associations, and organizations—can use the Framework for different purposes.
In 2018, NIST released Version 1.1 of the Framework for Improving Critical Infrastructure Cybersecurity. The update encourages maturity in cybersecurity assessments and the vulnerability disclosure process, outlines an expanded scope of identity management and access control, and provides supply chain risk management guidance to help mitigate risks associated with industrial control systems and connected devices.
The Chemical Sector embraces the flexibility the Framework offers. The Cybersecurity and Infrastructure
Security Agency (CISA) within the Department of Homeland Security (DHS), as the Sector-Specific Agency,
worked with the Chemical Sector Coordinating Council (SCC) and Government Coordinating Council (GCC) to develop this Implementation Guidance.

Leave a Reply

Your email address will not be published.