NIST releases a new draft cybersecurity framework for systems that never stop moving

As far back as 2013, the federal government started directing resources toward protecting assets, organizations and technology deemed as critical infrastructure. While the definition of critical infrastructure has been fluid as new sectors are added, it is generally defined as anything whose loss would impact the health, safety, security or economic well-being of many people, or even the entire nation.

Critical infrastructure has been further defined by the Cybersecurity and Infrastructure Security Agency (CISA) as centering on chemical manufacturing, communications, commercial facilities, critical manufacturing, dams, the defense industrial base, emergency services, energy, financial services, food and agriculture, government facilities, healthcare, information technology, nuclear reactors, transportation and water systems.

Over the years, there have been many efforts launched to improve cybersecurity in most critical sectors. For example, in 2015 there was a big push to secure the power grid, which is still ongoing today. In fact, public utilities of all types ...