Under Executive Order 13636  (“Executive Order”), the Secretary of Commerce is tasked to direct the Director of NIST to develop a framework for reducing cyber risks to critical infrastructure (the “Cybersecurity Framework” or “Framework”). The Framework will consist of standards, methodologies, procedures and processes that align policy, business, and technological approaches to address cyber risks. The Department of Homeland Security, in coordination with sector-specific agencies, will then establish a voluntary program to support the adoption of the Cybersecurity Framework by owners and operators of critical infrastructure and any other interested entities.
NIST has issued a Request for Information (RFI) in the Federal Register. It is to this RFI that our response pertains. The undersigned persons and organizations include experts on matters relating to election technology, election practices, encryption, Internet security, and/or privacy. We appreciate the opportunity to provide input on this RFI entitled “Developing a Framework to Improve Critical Infrastructure Cybersecurity”.
Our response focuses on the discussion of specific practices as they pertain to elections practices and systems as part of the nation’s critical infrastructure. (Download the Full Response as a PDF)