Earlier this year, SIIA hailed the NIST Cybersecurity Framework for creating a voluntary approach to cybersecurity that would preserve IT innovation and technology neutrality, contrasting this with an inflexible regulatory approach. We are therefore very pleased today that the Administration’s review by several key agencies—DHS, HHS, EPA—reached the same conclusion. In a blog this afternoon, White House Cyber Czar Michael Daniel concluded that no new regulations are needed at this time, instead stating,
“existing regulatory requirements, when complemented with strong voluntary partnerships, are capable of mitigating cyber risks to our critical systems and information.”
We couldn’t agree more. SIIA and our members remain committed to promoting the Framework which leverages industry-led standards, and creates effective, flexible best practices for cybersecurity preparedness.
David LeDuc is Senior Director, Public Policy at SIIA. He focuses on e-commerce, privacy, cyber security, cloud computing, open standards, e-government and information policy. Follow the SIIA public policy team on Twitter at @SIIAPolicy.