Food Engineering logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Food Engineering logo
  • NEWS
    • Latest Headlines
    • Manufacturing News
    • People & Industry News
    • Plant Openings
    • Recalls
    • Regulatory Watch
    • Supplier News
  • PRODUCTS
    • New Plant Products
    • New Retail Products
  • TOPICS
    • Alternative Protein
    • Automation
    • Cannabis
    • Cleaning | Sanitation
    • Fabulous Food Plants
    • Food Safety
    • Maintenance Strategies
    • OEE
    • Packaging
    • Sustainability
    • More
  • EXCLUSIVES
    • Plant Construction Survey
    • Plant of the Year
    • Sustainable Plant of the Year
    • State of Food Manufacturing
    • Top 100 Food & Beverage Companies
  • MEDIA
    • Podcasts
    • Videos
    • Webinars
    • White Papers
  • FOOD MASTER
  • EVENTS
    • Food Automation & Manufacturing Symposium and Expo
    • Industry Events
  • RESOURCES
    • eNewsletter
    • Custom Content & Marketing Services
    • FE Store
    • Government Links
    • Industry Associations
    • Market Research
    • Classified Ads
  • EMAGAZINE
    • eMagazine
    • Archive Issue
    • Advertise
  • SIGN UP!
Manufacturing News

Manufacturing News

NIST addresses cybersecurity for companies

New document offers updated guidance to companies looking to protect themselves.

cyber supply chain relationship

NIST’s definition of cyber supply chain relationship includes an organization, its suppliers, partners and buyers. Source: NIST.

March 13, 2017

In 2014, the National Institute of Standards and Technology (NIST) created the “Cybersecurity Framework,” a manual to help companies keep intruders out of their computer systems that manage critical infrastructure and/or intellectual property.

In 2013, President Obama issued an executive order, Improving Critical Infrastructure Cybersecurity, and called for the development of a Cybersecurity Framework. Purely voluntary, the non-industry-specific document was to provide a “prioritized, flexible, repeatable, performance-based and cost-effective approach” to manage cybersecurity risk for those processes, information and systems directly involved in the delivery of critical infrastructure services. The framework, developed in collaboration with industry, provides guidance to an organization managing cybersecurity risk.

Now NIST is updating the earlier version (1.0) and has published new draft guidance, “Framework for Improving Critical Infrastructure Cybersecurity Version 1.1.” This document incorporates feedback since the Version 1.0 release and integrates comments from the December 2015 Request for Information as well as comments from attendees at the Cybersecurity Framework Workshop in 2016.

What’s new in Version 1.1?

No company is an island today—so to speak. A manufacturer connects with its suppliers, partners and customers. Therefore, the primary concern in Version 1.1 is managing cyber supply chain risks, clarifying key terms and introducing new measurement methods for cybersecurity.

“We wrote this update to refine and enhance the original document and to make it easier to use,” says Matt Barrett, NIST’s program manager for the Cybersecurity Framework. “This update is fully compatible with the original framework, and the framework remains voluntary and flexible to adaptation.”

Cyber supply chain risk management is an organization-wide approach to risk that is enacted via enterprise risk management policies, processes and procedures. This likely includes a governance structure (e.g., risk council) that manages cyber supply chain risks in balance with other enterprise risks. Policies, processes and procedures are implemented consistently, as intended, and continuously monitored and reviewed. Personnel possess the knowledge and skills to perform their appointed cyber supply chain risk management responsibilities. An organization has formal agreements in place to communicate baseline requirements to its suppliers and partners.

In addition, the vocabulary of the new document has been designed to allow all users working on a project to understand cybersecurity needs. Examples of cyber supply chain risk management include a small business selecting a cloud service provider or a federal agency connecting with a system integrator to build an IT system. In the Identity Management and Access Control category, the draft clarifies and expands the definitions of the terms “authentication” and “authorization.” In addition, the related concept of “identity proofing” is defined.

Version 1.1 includes a new section on cybersecurity measurement, which discusses the correlation of business results to cybersecurity risk management metrics and measures. The new version adds a better explanation of the relationship between implementation tiers and profiles.

“Measurements will be critical to ensure that cybersecurity receives proper consideration in a larger enterprise risk management discussion,” adds Barrett.

NIST would like to hear your comments on the new Version 1.1 by April 10, 2017. The draft guidance document, “Cybersecurity Framework Draft Version 1.1,” can be found at www.nist.gov/cyberframework/draft-version-11. Feedback and comments can be sent via email (cyberframework@nist.gov) no later than April 10, 2017.

More help with cybersecurity

With regard to cybersecurity threats to networks and facilities, Rockwell Automation has released an ebook entitled, “Industrial Security: Protecting networks and facilities against a fast-changing threat landscape.” The document presents a holistic approach to cybersecurity consisting of a security assessment, defense-in-depth (DiD) strategy and “trusted vendors.”

To read the ebook, visit Rockwell’s Industrial Security site.

KEYWORDS: cybersecurity Supply Chain

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
to unlock your recommendations.

Already have an account? Sign In

  • Global Organic Food & Beverage Market to Grow

    Global Organic Food & Beverage Market to Grow

    With a CAGR of 12.07%, Bonafide Research estimates this...
    Latest headlines
  • skilled MEP worker

    Predicting Food and Beverage Manufacturing Trends for 2024

    The two words that should be kept in mind are labor and...
    Automation
    By: Derrick Teal
  • cleaning and sanitation

    The basics of cleaning and sanitation in food plants

    Sanitation maintains or restores a state of cleanliness...
    Food Safety
    By: Richard F. Stier
Manage My Account
  • eMagazine
  • eNewsletter
  • Online Registration
  • Manage My Preferences
  • Customer Service

More Videos

Popular Stories

mechanical and chemical recycling

Clean Label Packaging Expands to Include Sustainability Considerations

Bottling machine

How Sensing Technologies Can Help Avoid Food and Water Waste

Yoplait Protein Yogurt

General Mills Sells North American Yogurt Business

CHECK OUT OUR NEW ESSENTIAL TOPICS

Alternative ProteinAutomationCleaning/SanitationFabulous Food Plants

Food SafetyMaintenance StrategiesOEE

PackagingSustainability

Events

June 17, 2025

Refrigerated & Frozen Foods’ State of the Cold Chain

On Demand Kelley Rodriguez, Editor in Chief of Refrigerated & Frozen Foods, will be joined in this 60-minute webinar by industry experts to help unpack the latest research.

July 10, 2025

Smarter Innovation With Practical AI: How to Stay Agile in Uncertain Times

Regulatory updates, supply chain shifts and evolving consumer demands keep the food and beverage industry in a state of constant change.

View All Submit An Event

Products

Recent Advances in Ready-to-Eat Food Technology

Recent Advances in Ready-to-Eat Food Technology

See More Products

Plant of the Year

Related Articles

  • New ISA99 standard addresses risks of IT cybersecurity solutions

    New ISA99 standard addresses risks of IT cybersecurity solutions

    See More
  • your industrial networks vulnerable to cyber attack?

    NIST releases voluntary National Cybersecurity Framework

    See More
  • Food Traceability

    Food Industry Addresses U.S. FDA Requirements for Additional Traceability Records With New Guidance

    See More

Related Products

See More Products
  • Functionalized_Carbohydrate.gif

    Functionalizing Carbohydrates for Food Applications

See More Products

Events

View AllSubmit An Event
  • May 6, 2025

    Fortifying Food Production: Automation and the Critical Role of Cybersecurity

    On Demand Food manufacturers face many challenges, including maintaining quality, managing labor shortages and sustaining the safety of their products, workforce and facilities. How can producers possibly keep up?
  • September 19, 2024

    Analyzing the Factors Influencing the Top 100 Food and Beverage Companies

    On Demand Join the editorial staff from FOOD ENGINEERING and Refrigerated & Frozen Foods as they break down the 2024 Top 100 Food and Beverage Companies and discuss the factors affecting this year’s rankings.
View AllSubmit An Event
×

Elevate your expertise in food engineering with unparalleled insights and connections.

Get the latest industry updates tailored your way.

JOIN TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Food Master
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing