Contact: Scott Jensen, (202) 249-6511
WASHINGTON (Dec. 13, 2013) – The American Chemistry Council (ACC) today filed comments and offered recommendations for improving the implementation of the Preliminary Cybersecurity Framework released by the National Institute of Standards and Technology (NIST) to address cybersecurity risks. The best practices and guidance outlined in the framework are officially slated to be released for comment in February of 2014.
The following statement can be attributed to ACC Senior Director of Security, Bill Erny:
“We appreciate the opportunity to comment on the framework and commend NIST for taking a risk-based and flexible approach that will allow operators to focus on the greatest cyber threats and utilize a wide array of security measures. The framework will enable companies to assess whether their current cybersecurity programs are sufficient. And, without being overly prescriptive, it provides guidance on how companies can improve upon current programs or, if necessary, create a new one. It also seeks to fully utilize existing resources by taking advantage of proven cybersecurity best practices currently available in the public domain.
“The proposed framework also will compliment and be compatible with industry programs, such as ACC’s Responsible Care® Security Code. Through Responsible Care, the chemical industry’s world-class environmental, health, safety and security performance initiative, ACC members are already required to have robust security programs in place.
“We look forward to working with NIST to advance the adoption of the framework and strongly urge NIST to identify clear methods for tracking progress and ensure the proposed framework can be adopted broadly and successfully.
“ACC recommends that NIST better define and clarify what constitutes successful adoption of the framework and ensure that it is focused on critical infrastructure. By providing a clear definition of adoption and by focusing on critical infrastructure, the Department of Homeland Security will be able to recognize those who have successfully adopted the framework. This action will in turn encourage adoption across the critical infrastructure community and would allow for consistent tracking of performance and risk reduction. We also believe affording the Support Anti-terrorism by Fostering Effective Technologies Act (SAFETY Act) designation to technologies and programs that support adoption of the framework will help stimulate the marketplace for a more rapid expansion of such technologies. In addition, ACC encourages NIST to place equal emphasis on IT cybersecurity and process or industrial control cybersecurity throughout the framework.”
» Learn more about cybersecurity