The framework was released as part of President Barack Obama's executive order on "critical infrastructure" cybersecurity. This voluntary framework is intended to improve U.S. cybersecurity among all critical sectors, including financial services, and should complement existing standards and rules.
NIST said in a release that the framework consists of three parts:
NIST said its framework will be updated and improved as industry provides feedback on implementation.
CUNA is reviewing the final framework, and commended NIST on Wednesday for taking positive steps by engaging with the financial sector.
CUNA also urged NIST and other government entities to address cybersecurity issues and to coordinate closely with all financial regulators, including the National Credit Union Administration, to ensure the framework is consistent with, and does not expand the scope of, existing rules and regulations for credit unions.