* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/)
* [Cybersecurity](https://www2.paloaltonetworks.com/blog/category/cybersecurity-2/)
* Growing Awareness of Cybe...

# Growing Awareness of Cyber Framework Bodes Well for Global Risk Management

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2016%2F04%2Fgrowing-awareness-of-cyber-framework-bodes-well-for-global-risk-management%2F)  
[](https://twitter.com/share?text=Growing+Awareness+of+Cyber+Framework+Bodes+Well+for+Global+Risk+Management&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2016%2F04%2Fgrowing-awareness-of-cyber-framework-bodes-well-for-global-risk-management%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2016%2F04%2Fgrowing-awareness-of-cyber-framework-bodes-well-for-global-risk-management%2F&title=Growing+Awareness+of+Cyber+Framework+Bodes+Well+for+Global+Risk+Management&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2016/04/growing-awareness-of-cyber-framework-bodes-well-for-global-risk-management/&ts=markdown)  
\[\](mailto:?subject=Growing Awareness of Cyber Framework Bodes Well for Global Risk Management)  
Link copied  
By [Danielle Kriz](https://www.paloaltonetworks.com/blog/author/danielle-kriz/?ts=markdown "Posts by Danielle Kriz") and [Sean Morgan](https://www.paloaltonetworks.com/blog/author/sean-morgan/?ts=markdown "Posts by Sean Morgan")  
Apr 20, 2016  
4 minutes  
[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)  
[Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown)  
[Cybersecurity Framework Workshop](https://www.paloaltonetworks.com/blog/tag/cybersecurity-framework-workshop/?ts=markdown)  
[NIST](https://www.paloaltonetworks.com/blog/tag/nist/?ts=markdown)

*By Danielle Kriz, Sr Director, Global Policy, Palo Alto Networks and Sean Morgan, Advisor, Cybersecurity Policy, Palo Alto Networks*

Earlier this month, Palo Alto Networks joined approximately 1,000 stakeholders at the [Cybersecurity Framework Workshop 2016](http://www.nist.gov/itl/acd/cybersecurity-framework-workshop-2016.cfm), organized and hosted by the National Institute of Standards and Technology (NIST) on its campus in Gaithersburg, Maryland. The workshop represented just the latest example of an ongoing, inclusive dialogue that started during the initial development of the [Framework for Improving Critical Infrastructure Cybersecurity](http://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf) ("the Framework") in 2013 and has continued since its official launch in February 2014.

The workshop highlighted the many ways that governments around the world, and businesses large and small, have uniquely applied the Framework to help manage and reduce their cybersecurity risks. NIST should be commended for its continued efforts to bring together key stakeholders from industry, academia and government to discuss uses and best practices and ensure the Framework remains the flexible, voluntary guidance document it was intended to be. Although the Framework has gathered extensive [support across, and promotion by, multiple industry sectors](http://www.itic.org/dotAsset/07b54d3a-545b-4884-b4f8-010d8fb84dd1.pdf) since its launch -- as evidenced by the broad spectrum of entities engaged in the workshop dialogue -- NIST's leadership and guidance remains essential.

From our perspective, a few key themes emerged at the workshop. One was the growing global dimension of the conversation -- not simply about the Framework itself, but about the broader importance of developing a common cyber risk management lexicon as the world becomes increasingly interconnected. The central tenets of the Framework's Core -- Identify, Protect, Detect, Respond and Recover -- provide precisely this type of shared baseline necessary to facilitate strategic cyber risk management conversations across organizational levels and borders.

One panel, in particular, on international alignment of the Framework, featuring speakers from Japan and Italy, was a testament to this conversation's expanding reach. Increased international engagement in and acceptance of this type of inclusive, public-private partnership approach to cybersecurity policy development is essential. More granularly, a reaffirmation of the value of using globally accepted, industry-led, voluntary consensus standards for cybersecurity risk management will help drive greater competition and innovation in the global marketplace.

Another important discussion at the workshop was how U.S. federal agencies are using the Framework. In fiscal year 2016, the [CIO FISMA Metrics](https://www.dhs.gov/sites/default/files/publications/FY%202016%20CIO%20FISMA%20Metrics%20v1.0.pdf) -- a critical tool for measuring department and agency cybersecurity -- are organized around the Framework's five functions. U.S. federal agencies and contractors in the workshop session reported various degrees of activity; some were already mapping various activities to the Framework, while others reported that more awareness about the Framework was needed. We strongly support the efforts to drive alignment of cybersecurity requirements for federal information systems with the Framework. It is good for federal cybersecurity, exemplifies a best practice to industry, and indicates to other governments around the world the United States' sincerity about utilizing the Framework.

Finally, the workshop featured a series of conversations about the future of the Framework. One question was about the value of updating it. We agree with many in industry that it is too soon to make major changes and move to "version 2.0." The Framework needs to gain traction with a broader diversity of stakeholders to more fully realize its potential as a risk management tool. Any updates should focus on Framework refinement rather than expansion. To this end, like others in industry, we believe that the list of voluntary standards (the "informative references") should be updated if new standards have gained widespread, voluntary global adoption since the Framework was first published. We also believe NIST's efforts to raise awareness about the Framework should reflect global security trends toward threat prevention as an integral part of the "Protect" function.

On these and other issues, NIST used the workshop as an opportunity to solicit stakeholder input, and we encourage that all future decisions continue to be made in the same inclusive and thoughtful manner as that which produced the Framework itself. Since that original inception and throughout its development and implementation, Palo Alto Networks has been a strong advocate for the Framework's importance both individually and as part of broader technology coalitions. As a company, we believe strongly in the principles the Framework espouses: public-private partnership, the importance of sound cyber risk management policies, and a recognition that cybersecurity policies and standards must be considered on a global scale. We look forward to continuing to be a constructive part of this important dialogue.

*** ** * ** ***

## Related Blogs

### [AI Governance](https://www.paloaltonetworks.com/blog/category/ai-governance/?ts=markdown), [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Improving National Security Through Secure AI](https://www2.paloaltonetworks.com/blog/2025/05/improving-national-security-through-secure-ai/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Making Every Dollar Count for Federal Cybersecurity](https://www2.paloaltonetworks.com/blog/2025/03/making-every-dollar-count-federal-cybersecurity/)

### [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### NIST Highlights Palo Alto Networks Supply Chain Best Practices](https://www2.paloaltonetworks.com/blog/2020/06/policy-supply-chain-best-practices/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Palo Alto Networks Commitment to Educating European CEOs and Boards on Cybersecurity as a Business Issue](https://www2.paloaltonetworks.com/blog/2018/06/gov-palo-alto-networks-commitment-educating-european-ceos-boards-cybersecurity-business-issue/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Events](https://www.paloaltonetworks.com/blog/category/events/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Operationalizing the Call for a Cybersecurity Moonshot](https://www2.paloaltonetworks.com/blog/2018/04/gov-operationalizing-call-cybersecurity-moonshot/)

### [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown)

[#### Securing Our Networks with Women in Cyber](https://www2.paloaltonetworks.com/blog/2017/03/securing-networks-women-cyber/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language