This news release is from the previous Governor's administration.
For Immediate Release: February 12, 2014
Contacts: Office of the Governor: Brian Coy, 804-225-4260

Governor McAuliffe Announces Virginia Adopts National Cybersecurity Framework


Commonwealth is first to use new framework as part of efforts to reduce cybersecurity risks to critical infrastructure


RICHMOND - Governor Terry McAuliffe announced today that the Commonwealth of Virginia will adopt the new National Institute of Standards and Technology (NIST) framework into the existing Commonwealth risk framework to help identify and communicate cybersecurity risks. 

NIST today announced the framework, and Virginia immediately adopted it into existing cybersecurity efforts. 

“Adding this framework to the existing efforts led by the Secretary of Technology, Chief Information Officer, Chief Information Security Officer and the Virginia Information Technologies Agency will strengthen the Commonwealth’s ability to fight cyber crime and further enhance Virginia’s position as a leader in cybersecurity,” Governor McAuliffe said. “Virginia has an award-winning cybersecurity program in place, but must continue to advance our ability to keep our families and businesses safe and make the Commonwealth the national hub for the cybersecurity industry and the jobs that come with it.” 

The new framework will help to enhance the systematic process for identifying, assessing, prioritizing and communicating cybersecurity risks; efforts to address risks; and, steps needed to reduce risks as part of the state’s broader priorities. 

NIST coordinated the development of the framework with a broad array of stakeholders from the public and private sectors as a result of a federal executive order to develop a way to address cybersecurity risks to critical infrastructure. Input was provided by public and private infrastructure owners and operators, industry leaders and other stakeholders in workshops, meetings, webinars and other information sessions over the past year.