NIST wants answers on infosec - your answers
Crowd-sourcing info for White House cyber-sec wonk-circle
Sometimes, “don't read the comments” just isn't an option – like when you're United States' National Institute of Standards and Technology (NIST), and you're soliciting input for the US government's Commission on Enhancing National Cybersecurity (CENC).
The CENC, which was announced back in April, has asked NIST to provide support services for its work.
As part of this, NIST has issued this RFI, which is open for comments until September 9.
The RFI covers a pretty lengthy list of topics NIST an the CENC want information about:
- Critical Infrastructure Cybersecurity
- Cybersecurity Insurance
- Cybersecurity Research and Development
- Cybersecurity Workforce
- Federal Governance
- Identity and Access Management
- International Markets
- Internet of Things
- Public Awareness and Education
- State and Local Government Cybersecurity
For each of these, NIST is soliciting projections about policies, economic incentives (read: “bug bounties, yes or no?”), metrics that could apply to cybersecurity, and what solutions might be useful in the coming decade.
If you're thinking of reminding NIST that quantum computing is about to change everything, don't bother. That's the topic of a completely different effort at the standards agency. ®