The Telecommunications Industry Association (TIA) submitted comments on Friday, October 10, to the National Institute of Standards and Technology (NIST) in response to its public request for input on awareness and initial experiences with the NIST Cybersecurity Framework.
In this filing, TIA discussed how there is widespread awareness of the Framework amongst the members of the ICT manufacturer, supplier, and vendor community, and how TIA has worked to share developments related to the Framework with its member companies. TIA also noted that, while awareness of the Framework is a valuable and necessary step, it is important that it be accompanied by a correct understanding of the voluntary nature and scope of the Framework, as well as how to use it.
Noting that TIA’s members continue to work with their critical infrastructure customers to provide products and services that are driven by demands for business continuity and competitive differentiation, TIA urged NIST to recognize that because the Framework has only recently been released, and that it is too early to be able to understand to what degree the Framework has helped organizations understand the importance of managing cyber risk. Across critical infrastructure sectors, efforts are underway to use the Framework. For example, TIA has joined other key stakeholders in the Federal Communications Commission’s Communications Security, Reliability, and Interoperability Council (CSRIC), which has undertaken an effort to map the Framework to the communications sector.
Finally, TIA provided input on the NIST’s roadmap for the Framework moving forward, urging NIST to prioritize the goals and priorities of the President’s Executive Order which created the Framework, particularly in the areas of supply chain, conformity assessment, and privacy.
To read TIA’s comments sent to NIST in its entirety, click here- http://www.tiaonline.org/news-media/press-releases/comments-nist-response.
