To refresh, here's what they/we are trying to do:
The goals of the Framework development process will be: (i) To identify existing cybersecurity standards, guidelines, frameworks, and best practices that are applicable to increase the security of critical infrastructure sectors and other interested entities; (ii) to specify high-priority gaps for which new or revised standards are needed; and (iii) to collaboratively develop action plans by which these gaps can be addressed. It is contemplated that the development process will have requisite stages to allow for continuing engagement with the owners and operators of critical infrastructure, and other industry, academic, and government stakeholders.If you are so moved and have something to say (and NIST and I hope you do), here's how to submit your ideas and recommendations:
For those who prefer to communicate longhand by dipping your peacock feather quill into the inkwell on your vintage desk, "Written comments may be submitted by mail to Diane Honeycutt, National Institute of Standards and Technology, 100 Bureau Drive, Stop 8930, Gaithersburg, MD 20899."
"Electronic submissions may be in any of the following formats: HTML, ASCII, Word, RTF, or PDF. Online submissions in electronic form may be sent to firstname.lastname@example.org."
Do this in Either Case
"Please submit comments only and include your name, company name (if any), and cite“Developing a Framework to Improve Critical Infrastructure Cybersecurity” in all correspondence."
'Know this in Either Case: Your Written Comments will be Public
"All comments received by the deadline will be posted at http://csrc.nist.gov without change or redaction, so commenters should not include information they do not wish to be posted (e.g., personal or confidential business information)."
Sometimes there's no substitute for being there in person, so if that's your desire, you can click HERE to register for the April 3 workshop in beautiful Gaithersburg. Hope you can make it and fair warning if you do: I'll be there too!