Top Threats

Draft NISTIR 8310, Cybersecurity Framework Election Infrastructure Profile For Comment

  • 1.  Draft NISTIR 8310, Cybersecurity Framework Election Infrastructure Profile For Comment

    Posted Mar 29, 2021 11:48:00 AM
      |   view attached
    Hi All,

    To help secure our elections, NIST has released Draft NISTIR 8310, Cybersecurity Framework Election Infrastructure Profile. This Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cyber risk to election infrastructure. The Profile is meant to supplement but not replace current cybersecurity standards and industry guidelines available to election officials.

    This profile can be used in several ways, including the following:
    • To highlight and communicate high priority security expectations,
    • To perform a self-assessment comparison of current risk management practices, or
    • As a baseline profile or example profile to reference when developing one's own.

    We look forward to reviewing all of your comments. We'd also appreciate your feedback on the following:
    • Does this profile meet your needs?
    • Are there specific sections more/less helpful?
    • Share any thoughts about the separation of Mission Objective 1 into 1a and 1b (see Section 5).

    A public comment period on this draft is open through May 14, 2021. See the publication details to download a copy of the document and a template for submitting comments.

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------