NIST Releases Major New Version of Cybersecurity Framework

By

This is the framework’s first major update since 2014.

The National Institute of Standards and Technology (NIST) has released a major new version of the Cybersecurity Framework (CSF), its widely used guidelines document for reducing cybersecurity risk.

According to the announcement, the 2.0 edition now “explicitly aims to help all organizations – not just those in critical infrastructure, its original target audience – to manage and reduce risks.”

The framework includes an array of resources to help organizations navigate the guidelines, including:

The CSF 2.0’s expanded scope also has a “new focus on governance, which encompasses how organizations make and carry out informed decisions on cybersecurity strategy.

The CSF’s governance component emphasizes that cybersecurity is a major source of enterprise risk that senior leaders should consider alongside others such as finance and reputation.”
Learn more at NIST.
 
 
 

 
 
 

03/06/2024
cybersecurity , enterprise , Security

Related content

  • NIST Releases Draft of Cybersecurity Security Framework v2.0
    more »
  • News for Admins
    In the news: DHS Releases New Guidelines for Securing Critical Infrastructure; Datadog Report Examines DevSecOps Best Practices; Upskilling Key to Tech Staffing Challenges, Says LF Survey; 2024 Open Source Pros Job Survey Report Released; OpenSSF Issues Guidance to Help Prevent Social Engineering Attacks; Black Duck Supply Chain Edition Released by Synopsys; Spectra Logic Announces New Tape Libraries and Management Software; LPI Launches Open Source Essentials Program; Apache Software Foundation Celebrates 25 Years; SUSE Announces Rancher Prime 3.0; NSA Issues Zero Trust Guidelines for Network Security; and NIST Releases Major New Version of Cybersecurity Framework.
    more »
  • Photo by Braden Collum on Unsplash
    Understanding Cybersecurity Maturity Model Certification
    United States Cybersecurity Maturity Model Certification will be required by mid-2023 to handle controlled unclassified information and win federal contracts, but it can also help minimize business risk and keep information out of the hands of adversaries.
    more »
  • News for Admins
    In the news: Red Hat Announces Ansible Lightspeed with IBM watsonx Code Assistant; Dell APEX Cloud Platform for Red Hat OpenShift Announced; NSA Offers Best Practices for OSS in Operational Technology Environments; Civil Infrastructure Platform Adds New Super-Long-Term Linux Kernel; HTTP/2 Protocol Exploited in Largest DDoS Attack Ever; Docker Announces Three New Products for Secure App Delivery; CloudBees Updates Jenkins and Offers New DevSecOps Platform; Linkerd 2.14 Released with Improved Multi-Cluster Support; NIST Releases Draft of Cybersecurity Framework v2.0; CISA and MITRE Announce Open Source Caldera for OT
    more »
  • News for Admins
    In the news: NIST Updates Cybersecurity Framework; Poor Cloud Security Practices Put Organizations at Risk; ORNL and NOAA Launch New Supercomputer for Climate Research; DOE Envisions New High Performance Data Facility; VMware Updates Tanzu with New Security Features; Microsoft Launches AI-Powered Security Copilot; IBM Deploys First Quantum Computer Dedicated to Healthcare Research; LPI Announces IT Security Essentials Certification
    more »
comments powered by Disqus