National Institute of Standards and Technology

Requirement

NIST required specialized support to respond to two Executive Orders focused on Cybersecurity.

Exeter Solution

In response to Executive Order 1363 in 2013 on Improving Critical Infrastructure Cybersecurity, NIST was required to provide a draft framework on the subject and provide preliminary lists of standards, guidelines, frameworks, and best practices. Exeter supported NIST with expertise, advice, and analysis on technical aspects of the framework. Specifically, Exeter developed an annotated outline and a draft of the framework, provided resolution of comments received from the public on draft versions of the document, and drafted the final version. Throughout the task, Exeter provided planning, preparation, execution, and follow-up activities for three workshops held to solicit expert comment regarding the Framework. The Framework was delivered on schedule and in compliance with the Executive Order.

NIST was also required to respond to an Executive Order issued in 2016 to enhance cybersecurity awareness and protections at all levels of Government, business, and society, to protect privacy, to ensure public safety and economic and national security, and to empower Americans to take better control of their digital security. Exeter supports NIST’s efforts with the President’s commission formed to meet this challenge. Ultimately, the Commission will make detailed recommendations for strengthening the cybersecurity of the digital ecosystem – for both individuals and public and private organizations - while protecting privacy and bolstering partnerships. It will also promote the use of cybersecurity technologies. Exeter is assisting NIST in preparing materials for a briefing book for the Commissioners, which addresses the topics of R&D, Cyber Insurance, and the financial sector. The final goal is to provide a well-researched, thoughtful, and meaningful report with recommendations to the President.

Exeter has supported NIST since 2008.