In plain terms. The Cybersecurity Enhancement Act of 2014 directed NIST to facilitate and support the development of a voluntary, industry-led set of standards and best practices to reduce cyber risk to critical infrastructure—the statutory basis for the NIST Cybersecurity Framework. It also authorized federal cybersecurity research and development, workforce programs, and public-awareness efforts.
Citation. Pub. L. 113-274 (Feb. 18, 2014); 15 U.S.C. §§ 272, 7421 et seq..