Re: NIST Cyber Framework
You're right, it is an important document, though hardly a first step. The Bush and Obama administrations have issued a number of executive orders, created task forces, and commissioned recommendations before. This document does have the weight of a presidential executive order, and President Obama's name, behind it.
As to the focus, it's not brick and mortar but rather a comprehensive collection of practices for managing cybersecuritiy risks -- broken down into five core areas on how to Identify, Protect, Detect, Respond, and Recover from cyber security threats.
Read more at: