Last week I was in San Diego, helping the National Institute of Standards and Technology develop a framework to secure the nation’s critical infrastructure from cyberthreats. NIST, which is part of the U.S. Department of Commerce, was tasked by President Barack Obama to develop the framework when he issued Executive Order 13636 in February.
Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” outlined a number of steps that the federal government will take to help public and private infrastructure providers strengthen their resilience against Internet-based attacks.
The order recognized for the first time that our nation’s communications providers play a critical role in supporting the operations of other infrastructure providers. This prompted NIST to invite representatives from communications providers like Hawaiian Telcom as well as traditional infrastructure players like energy and water companies to contribute to the framework’s development.
The goal behind this collaborative effort among government, academia and industry is to produce a guide that helps companies understand current cybersecurity risks and evaluate their readiness to fend off various kinds of attacks. It will help companies identify their areas of strength and weakness so they can focus on improvements in the areas that will benefit most from their proactive efforts.
The framework, the first draft of which is due in October, also will link to existing industry guidance, including standards and best practices as well as guidelines for measuring an organization’s maturity level in various areas and for improving it.
Last week’s meeting in San Diego was the third hosted by NIST since the executive order was issued.
There will be another meeting held in Dallas this fall. During these working sessions, NIST facilitates discussions among the several hundred participants that will help them draft a truly collaborative framework that reflects the most current best practices for fending off cyber-attacks. Topics include the adoption of cutting-edge technologies and identifying areas where solid processes and a culture of security can be key elements of a strong defensive posture.
These efforts have a new sense of urgency with the recent revelations that cyber-attacks against U.S. energy companies rose dramatically in the latter half of 2012 and that energy companies were the target in a whopping 41 percent of attacks in 2012, according to the government.
Through our involvement in the current NIST effort as well as other, parallel efforts, communications companies are working hard to contribute to the improved security posture of our nation’s critical infrastructure as attacks against them increase in both volume and sophistication.