NIST Releases Major New Version of Cybersecurity Framework
The National Institute of Standards and Technology (NIST) has released a major new version of the Cybersecurity Framework (CSF), its widely used guidelines document for reducing cybersecurity risk.
According to the announcement, the 2.0 edition now “explicitly aims to help all organizations – not just those in critical infrastructure, its original target audience – to manage and reduce risks.”
The framework includes an array of resources to help organizations navigate the guidelines, including:
The CSF 2.0’s expanded scope also has a “new focus on governance, which encompasses how organizations make and carry out informed decisions on cybersecurity strategy.
The CSF’s governance component emphasizes that cybersecurity is a major source of enterprise risk that senior leaders should consider alongside others such as finance and reputation.”
Learn more at NIST.