The National Cybersecurity Center of Excellence (NCCoE) has released for public comment the initial public draft of NIST Internal Report (NIST IR) 8467, Cybersecurity Framework Profile for Genomic Data. The comment period is now open through July 17, 2023.
About the Report
The Cybersecurity Framework (CSF) Profile for Genomic Data provides voluntary guidance to help organizations manage, reduce, and communicate cybersecurity and privacy risks for systems, networks, and assets that process genomic data. This publication is a follow-on effort to NIST Internal Report (IR) 8432, The Cybersecurity of Genomic Data, and was developed in collaboration with stakeholders across industry, academia, and government. This effort is informed by direction from Congress, the White House, and NIST’s existing expertise in genomics as well as cybersecurity.
The Profile identifies 12 genomic-related Mission Objectives and prioritizes relevant CSF Subcategories to help organizations protect genomic data throughout the data lifecycle.
Organizations processing genomic data can use this guidance to:
Understand genomic data cybersecurity considerations
Assess current organizational cybersecurity practices to identify gaps and areas of improvement for existing practices or infrastructure
Develop individualized organizational Current (As-Is) and Target (To-Be) Profiles
Prioritize investments in cybersecurity capabilities aligned to the CSF Subcategories identified as most important to support organizational Mission Objectives
Understand the relationship between cybersecurity and privacy risk management
The CSF Profile for Genomic Data is intended to supplement, not replace, current cybersecurity standards, regulations, and industry guidelines. Organizations should consider their unique obligations, operating environment, and Mission Objectives when prioritizing and implementing cybersecurity capabilities and controls. While the focus of this CSF Profile is cybersecurity, whenever human genomic data is processed, privacy risk management considerations must als ..
Support the originator by clicking the read the rest link below.
