Skip to main content

Legal Update

NIST Releases Updated Cybersecurity Framework and Guide for Cybersecurity Event Recovery

22 February 2017
Mayer Brown Legal Update

Three years ago, the National Institute of Standards and Technology (“NIST”) released the “Framework for Improving Critical Infrastructure Cybersecurity.” In the intervening years, NIST and numerous other US government departments and agencies have continued to release guidance on how to improve cybersecurity using a tailored risk management framework. In recent months, NIST has continued this trend. In December 2016, NIST released a new guide for “Cybersecurity Event Recovery” (SP 800-184), and in January 2017, NIST published the draft “Framework for Improving Critical Infrastructure Cybersecurity v. 1.1.” Each issuance reflects NIST’s focus on developing risk-based approaches for protecting against cyber attacks. This Legal Update outlines the guidance and key implications for businesses.


  • Rajesh De
    T +1 202 263 3366
  • Marcus A. Christian
    T +1 202 263 3731
  • David A. Simon
    T +1 202 263 3388
  • Stephen Lilley
    T +1 202 263 3865
  • Kendall C. Burman
    T +1 202 263 3210
  • Joshua M. Silverstein
    T +1 202 263 3208
The Build a Report feature requires the use of cookies to function properly. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently. If you do not accept cookies, this function will not work. For more information please see our Privacy Policy

You have no pages selected. Please select pages to email then resubmit.