Agencies Mold Regulations Around 'Voluntary' Cyber Standards

Federal regulators are adapting voluntary cybersecurity standards to suit industries they oversee, for what could pan out to be requirements. The voluntary "Framework for Improving Critical Infrastructure Cybersecurity” was released by the National Institute of Standards and Technology almost a year ago. The framework is part of a 2013 executive order to secure private computer systems that, if disrupted, could cause catastrophic damage to society. Right now, most of the guidelines regulators are putting out only advise following the framework. But the agencies are developing protocols around it, too.