With the announcement of the commitments to improve cybersecurity by the participants of the 8/25 meeting at the White House, CRI appreciates President Biden’s determination to improve the overall cybersecurity of our nation and especially that of our critical infrastructure. There is a shared responsibility between owners and operators of critical infrastructure, and the government to keep our nation safe and prosperous. This is why we believe the use of the Financial Services Profile of the NIST Cyber Security Framework is such an important piece of the critical infrastructure puzzle. The Profile which was created by the private sector using existing regulation and supervisory guidance issued by governments around the world to create a framework for improving the security posture of members of the financial services sector while ensuring regulatory compliance.
Cybersecurity is truly a team sport, neither the private sector nor the government will be able to “fix” the problem. We will need to continue to work together, in concert to ensure our critical infrastructure improves and maintains appropriate levels of security. CRI exists so that the Profile can maintain its relevance to both the financial services sector and the relevant government agencies and regulators. We agree with President Biden’s comment that the private sector can “raise the bar” when it comes to cybersecurity. We feel that the members of CRI and the financial services sector in general are currently raising the bar and will continue to do so with the assistance and guidance of our government partners.