The Latest in IT Security

By Alina Selyukh WASHINGTON (Reuters) – The U.S. government is expected on Wednesday to release the final version of voluntary standards meant to help U.S. companies in nationally critical industries better protect themselves against cyber attacks. Criticized in earlier drafts for being too vague and toothless, the so-called cybersecurity framework attempts to turn a vast amount of industry input into guidelines designed for 16 different sectors whose disruption could be devastating to the country. Exactly one year after President Barack Obama issued an executive order directing a Commerce Department agency to compile voluntary minimum standards, the National Institute of Standards and Technology, or NIST, is due to issue guidelines, which companies have no obligation to adopt. Drafters of the framework had to allay concerns by many in the private sector that their voluntary standards could someday become regulations.