In February of this year, President Obama issued an Executive Order on Improving Critical Infrastructure Cybersecurity. The Executive Order directed the National Institute of Standards and Technology (NIST) to develop a Cybersecurity Framework to assist owners and operators of critical infrastructure in addressing cybersecurity risks. On October 29, NIST published a preliminary version of the Framework (the “Preliminary Framework”), which is open for public comment through December 13. NIST intends to issue a final version in February 2014. The creation of the framework has, of course, been a major development in the information security community – according to NIST Director Patrick Gallagher, approximately three thousand individuals have been involved to date in the development of the Preliminary Framework. But privacy professionals should be paying attention to the framework as well.