The SEMI Semiconductor Manufacturing Cybersecurity Consortium (SMCC) has collaborated with the National Institute of Standards and Technology (NIST) to develop a specialized cybersecurity community profile tailored for the semiconductor industry. Now, they are inviting public feedback on this profile, designed to align with the NIST Cybersecurity Framework 2.0 (CSF 2.0). This initiative aims to fortify the industry’s defenses against cyber threats and enhance overall resilience.

Cyber Technology Insights: GreyNoise Report Warns of Rapid, Repeating Cyber Threats

Public Commentary Period and Engagement Opportunities

Stakeholders have the opportunity to review and provide input on the profile between February 27 and April 14, 2025. Additionally, a public workshop scheduled for March 13, 2025, will serve as a platform to discuss feedback and strategize next steps.

NIST and SMCC encourage cybersecurity professionals, semiconductor manufacturers, engineers, architects, equipment suppliers, and industry representatives to participate. Interested individuals can access the profile for review and submit feedback through the National Cybersecurity Center of Excellence (NCCoE) website. Those who wish to stay updated can also join the Community of Interest.

Cyber Technology Insights: Morphisec Offers Ransomware-Free Guarantee for Security

A Collaborative Approach to Strengthen Cybersecurity

Melissa Grupen-Shemansky, Ph.D., CTO and Vice President of Technology Communities at SEMI, emphasized the growing need for cybersecurity in semiconductor manufacturing, given the industry’s rapid expansion towards a $1 trillion annual revenue target. She highlighted that the joint effort between NIST, SEMI, and industry leaders is fostering resilience while ensuring the security of technology for consumers.

Sanjay Rekhi, Group Leader of the Security Components and Mechanisms Group at NIST, noted that this comprehensive framework safeguards semiconductor manufacturing against emerging cyber threats and vulnerabilities. He stressed that this initiative aligns with broader efforts to protect critical infrastructure, particularly in securing semiconductor supply chains.

Cyber Technology Insights: CXT Software Achieves SOC 2 Badge for Data Security

Advancing the National Cybersecurity Strategy

In alignment with the 2023 National Cybersecurity Strategy, the White House Office of the National Cyber Director (ONCD) has incorporated this profile under initiative 5.5.5 of the National Cybersecurity Strategy Implementation Plan Version 2. Recognizing the industry’s need for tailored cybersecurity solutions, SMCC formed a dedicated working group (WG4), collaborating with federal agencies and industry experts to develop this profile. The working group includes representatives from Advanced Energy Industries, Applied Materials, ASML, IBM, Intel, PEER Group, Texas Instruments, Tokyo Electron Limited, and TxOne Networks.

Doug Suerich, Director of Marketing at PEER Group and SMCC governing council member, underscored the power of industry collaboration in addressing complex security challenges. Raj Potturi, Senior Director of Information Security & Risk Management at Applied Materials, emphasized the profile’s role in tackling the growing cybersecurity challenges of the semiconductor sector. Meanwhile, Daniel Pletea, SMCC WG4 Co-chair, stressed the importance of broad adoption of this profile to reduce cybersecurity risks for semiconductor manufacturers. He also revealed plans to develop an implementation guide through continued collaboration between NIST and SEMI.

Cyber Technology Insights: Active Cyber Unveils Okorio: Elite Workday Consultancy

FAQs

1. What is the NIST Semiconductor Manufacturing Community Profile?

The profile is a cybersecurity framework designed specifically for the semiconductor industry. It aligns with NIST Cybersecurity Framework 2.0 (CSF 2.0) and aims to enhance cybersecurity resilience in semiconductor manufacturing.

2. Why is public feedback important for this profile?

Public input ensures that the framework reflects real-world challenges, incorporates diverse perspectives, and effectively addresses cybersecurity risks across the semiconductor supply chain.

3. Who can provide feedback on the profile?

Cybersecurity professionals, semiconductor manufacturers, equipment suppliers, engineers, architects, and industry stakeholders are encouraged to review and contribute their insights.

4. How can I review and comment on the profile?

You can access the profile through the National Cybersecurity Center of Excellence (NCCoE) website and submit feedback before April 14, 2025.

5. What are the next steps after the public feedback period?

Following the feedback phase, a public workshop on March 13, 2025, will review comments and plan further improvements. The final version of the profile is expected to be released in Q3 of fiscal year 2025.

6. How does this initiative support the National Cybersecurity Strategy?

The profile is part of initiative 5.5.5 in the National Cybersecurity Strategy Implementation Plan Version 2, aiming to secure global supply chains for information, communications, and operational technology products.

7. What impact will the profile have on semiconductor cybersecurity?

It provides a strategic roadmap to mitigate cybersecurity risks, protect critical infrastructure, and strengthen the resilience of semiconductor manufacturers against cyber threats.

Cyber Technology Insights: vBoxx Unveils Secure Cloud Solution, Calls on EU to Strengthen Data Sovereignty

For more details and to participate in the public feedback process, visit the NCCoE website and join the Community of Interest today!

To participate in our interviews, please write to our CyberTech Media Room at news@intentamplify.com