[ISN] Your Last Chance to Comment on Cybersecurity Guidelines for Industry

http://www.nextgov.com/cybersecurity/2013/10/your-last-chance-comment-cybersecurity-guidelines-industry/72398/ By Aliya Sternstein Nextgov October 22, 2013 The Obama administration has released a final draft of industry cybersecurity guidelines aimed at protecting commercial networks integral to daily living, after missing an Oct. 10 deadline due to the shutdown. Required to be completed by mid-February, the voluntary strategy for corporate executives and their staff hews closely to an Aug. 28 preview. This version, however, clarifies how to balance privacy with computer surveillance. The policymaking has been controversial since there is talk of favoring only compliant contractors for future government business. In addition, following the most stringent new practices and technical controls could be cost-prohibitive for some companies. Organizations can choose to follow riskier plans, or “tiers,” to save money, with the recognition that they might be more vulnerable to threats. “Organizations should determine the desired tier, ensuring that the selected levels meet the organizational goals, reduce cybersecurity risk to critical infrastructure, and are feasible and cost-effective to implement,” the guidelines state. […]