The Professional Services Council (PSC) yesterday made recommendations to the National Institute of Standards and Technology (NIST) that the ongoing efforts to create cyber security requirements for contracting be suspended until NIST develops a cyber security framework required under President Obama’s February 12th Executive Order 13636. PSC made the recommendations per a Request for Information (RFI) from NIST regarding the cyber security framework.
Authored by Stan Soloway, President and CEO of PSC, recommendations included the number of initiatives underway in the contracting community, that may lead to discrepancies between the NIST framework and acquisition-related cyber security standards and provisions. “We strongly believe that the NIST cybersecurity framework should be developed prior to the further development or implementation of new acquisition-specific cybersecurity requirements,” said Soloway.
Soloway went on to stress the importance of NIST closely coordinating “its framework development with GSA, DoD, DHS and the FAR Councils so that the acquisition-specific recommendations relating to paragraph 8(e) of the executive order are consistent with NIST’s industry baseline efforts.”
