Collaborative NIST Project to Manage Privacy Risk

Protecting individual privacy as the internet of things (IOT) continues to expand is increasingly challenging. To help meet those challenges, the US Department of Commerce’s National Institute of Standards and Technology (NIST) has launched a privacy framework project.

The goal of the collaborative privacy framework effort is to help organizations manage the privacy risks inherent in their networks, which are becoming increasingly more complex. The framework will offer enterprises privacy protection strategies that will afford them flexibility while remaining effective solutions to managing risks as technologies continue to evolve.

“We’ve had great success with broad adoption of the NIST Cybersecurity Framework, and we see this as providing complementary guidance for managing privacy risk,” said under secretary of commerce for standards and technology and NIST director Walter G. Copan in today’s press release. “The development of a privacy framework through an open process of stakeholder engagement is intended to deliver practical tools that allow continued US innovation, together with stronger privacy protections.”

The first public workshop will be held in Austin, Texas, on October 16, 2018, which will run concurrently with the International Association of Privacy ProfessionalsPrivacy. Security. Risk. 2018 conference.

So as not to understate the importance of protecting consumer privacy, the Commerce’s National Telecommunications and Information Administration, working in conjunction with the International Trade Administration, is also developing a domestic legal and policy approach to privacy protection. The goal of the coordinated effort between the two agencies is to ensure consistency with international policy objectives.

“Consumers’ privacy expectations are evolving at the same time that there are multiplying visions inside and outside the US about how to address privacy challenges,” said NIST senior privacy policy adviser and lead for the project Naomi Lefkovitz in the press release. “NIST’s goal is to develop a framework that will bridge the gaps between privacy professionals and senior executives so that organizations can respond effectively to these challenges without stifling innovation.”

What’s Hot on Infosecurity Magazine?