Request Demo

NIST Cybersecurity Framework

NIST Releases a Draft Update to the Cybersecurity Framework (CSF)

down-arrow

On January 10th, The National Institute of Standards and Technology released an update to the The Cybersecurity Framework (CSF). According to NIST, “The draft Version 1.1 of Cybersecurity Framework refines, clarifies, and enhances the predecessor version 1.0.” The changes built upon comments and feedback from industry, a workshop of 800 industry professionals at Gaithersburg, Maryland in April of 2016, and ongoing collaboration with both public and private institutions. 

The CSF is the most comprehensive cybersecurity framework in existence, and represents the expertise of over 3000 industry professionals. Version 1.0 was released in February, 2014. The new update, version 1.1, augments the Framework with contributions on cybersecurity measurement, supply chain risk management, and further refinements. 

From the update: “Cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems, placing the Nation’s security, economy, and public safety and health at risk. The Framework enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improving the security and resilience of critical infrastructure.”

Version 1.1 of the CSF, after a comments period and another workshop in the spring, will likely be published by fall 2017.

For more: 

From SC Magazine.

Link to the Updated Draft: https://www.nist.gov/cyberframework/draft-version-11

You may also like

The Cybersecurity Skills Gap: The ...
on February 7, 2019

The cybersecurity skills gap is nothing new to the seasoned cyber professional. It has been widely discussed in cyber and information security circles for some time. The main flag ...

George Wrenn
The Post-Digitization CISO
on February 5, 2019

Information leaders in digital businesses, whether focusing on optimization or a full transformation, are inherently altering their position among the executive leadership. As ...

Integrated Risk Management and ...
on January 31, 2019

With technology permeating every aspect of a business, one begins to wonder what technology is reserved for digital risk management rather than the other facets of integrated risk ...

Department of Defense Launches ...
on January 29, 2019

The Defense Federal Acquisition Regulation Supplement (DFARS) mandate, specifically Clause 252.204-7012 requiring all members of the Department of Defense’s supply chain to comply ...

Digital Risk Management Frameworks
on January 24, 2019

As organizations continue to embrace digitization, security teams are faced with the challenge of keeping the enterprise secure while empowering growth and innovation. Many CISO’s ...

The Cybersecurity Impact Of The ...
on January 23, 2019

There has been a great deal of speculation around the cybersecurity posture of the nation in light of the most recent (and longest documented) government shutdown. I’ve seen two ...

George Wrenn