Adoption of the framework is voluntary, but the U.S. Department of Homeland Security has established the Critical Infrastructure Cyber Community (C3) Voluntary Program to increase awareness of the framework. The C3 Voluntary Program will connect companies, as well as federal, state and local government entities, to DHS and other federal government programs that can help them manager their risks, the White House said.
Participants will be able to share lessons learned and get free tools aimed at improving their cybersecurity programs.
Some tech trade groups praised the framework, with mobile group CTIA saying it represented a "potentially important step forward." CTIA also called on Congress to pass legislation allowing companies to more easily share cyberthreat information with each other and with the government.
Internet Security Alliance President Larry Clinton praised the framework but said more action is needed.
"In Olympic terms, today marks the end of the preliminary rounds, we are on the right track but we haven't won any gold medals for cybersecurity yet," Clinton said by email. "The most important element of the effort so far is that we have moved away from trying to impose a government centric set of mandates on industry and instead are attempting to create a program based on industry developed standards and practices where voluntary adoption is motivated by market incentives."
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is firstname.lastname@example.org.