The National Institute for Standards and Technology released its preliminary cybersecurity framework to provide guidance to “critical infrastructure owners”
Critical infrastructure includes those groups that maintain information relating to health and other areas.
The framework describes five Framework Core Functions:
Identify, Protect, Detect, Respond, and Recover
It also categorizes maturity and adoption into four implementation tiers:
Partial, Risk-Informed, Repeatable, and Adaptive
Conducting a risk assessment, prioritizing gaps, defining procedures, and measurement are critical elements.
NIST Framework Webpage: http://www.nist.gov/itl/cyberframework.cfm
Framework Draft Document: http://www.nist.gov/itl/upload/preliminary-cybersecurity-framework.pdf
The framework is now open to public comment.
Cybersecurity Challenges for Medical Devices - Double Helix LLC