The subject of international alignment and alignment with international resources continues to be an important focus for NIST, particularly with the process for the Cybersecurity Framework (CSF) 2.0 update. This was an important area for many of our stakeholders, as described in the summary of analysis of the Request for Information (RFI) from February. NIST hosted its first virtual workshop on the journey to the CSF 2.0 update process in August. During the workshop, NIST described the importance of international alignment as well as the feedback we heard on continuing our international engagement and incorporating global perspectives into the CSF 2.0 update process.
NIST also welcomed experts with perspectives from government, industry, and standardization to a panel at the workshop on international use and alignment of the CSF, moderated by the U.S. Department of State. We heard about international cybersecurity policy trends that could be influential for the CSF 2.0 update process and information on how people are using the CSF throughout the world. We also heard about the documents that reference the CSF in the International Organization of Standardization (ISO), including ISO Technical Specification 27110, and the importance of NIST continuing to contribute in standards organizations such as ISO and to align the CSF with the ISO 27000 family. This feedback will help us as we update the CSF to increase its use throughout the world and ensure it is useful to our partners outside the U.S. If you missed it, recordings are available online. More information and an analysis of the workshop can be found in this recently released summary.
The Department of State has facilitated our involvement in numerous agreements and joint statements with international partners. One example is a recently released Joint Statement on U.S.-Mexico Working Group on Cyber Issues which highlights our commitment with Mexico to continue to share information on cybersecurity resources and support active participation and engagement in initiatives such as the CSF 2.0 update process and the National Initiative for Cybersecurity Education (NICE) community, including events such as the Regional Initiative for Cybersecurity Education and Training (RICET). NIST also worked with the Department of State and the International Trade Administration (ITA) on participation in a virtual stakeholder engagement event with government and industry on cybersecurity approaches.
We continue to welcome and learn from visitors who come to NIST and our National Cybersecurity Center of Excellence (NCCoE) to discuss cybersecurity issues. We had discussions on NIST cybersecurity resources with a delegation from Jordan and discussed our 5G security project with visitors from Australia. We welcomed visitors from Japan, the European Commission, and the United Kingdom in September and discussed a number of areas for collaboration in cybersecurity, including NIST’s ongoing work in post quantum cryptography and the NCCoE’s project on zero trust architecture.
NIST traveled to Cartagena, Colombia, at the end of August to participate in ANDICOM 2022, thanks to the facilitation of ITA. At the event, NIST discussed the Privacy Framework and CSF update to 2.0 process. NIST also leveraged this opportunity to engage with stakeholders in Latin America, where we’ve already had numerous conversations about the CSF and translations of our resources in Spanish and Portuguese.
Additional international resources continue to be posted on the International Cybersecurity and Privacy Resources page. If you are aware of additional translations and resources to share, please reach out to us!
For questions or to discuss opportunities for international engagement, reach out to us at intl-cyber-privacy [at] nist.gov.