Request Demo

CyberStrong, NIST Cybersecurity Framework

NIST Announces the Upcoming Second Draft Update of the Cybersecurity Framework


The National Institute of Standards and Technology released the first version of the Cybersecurity Framework back in 2014, and it was met with excitement by organizations who saw the value in running a risk-based approach.

The document promotes best practices for information security and is being adopted or has already been adopted by over 30% of U.S. businesses to date according to Gartner. Especially in light of recent attacks, there is no better time than now for companies and other organization to protect their data from compromise using the best methods available.

For a while now, the Cybersecurity Framework has been available online for comment as NIST prepares to release its second version. CyberSaint even advertised the link on our site to promote engagement and feedback within our security community. The Cybersecurity Framework is a living document, meaning it is constantly improving and adapting as any robust security program should. Feedback from those adopting it or who plan to adopt it is critical to its success.

Interested in learning successful NIST CSF adoption strategies? Learn to simplify the Framework in our upcoming webinar "How to Simplify the NIST Cybersecurity Framework"

The main areas that will change with the second version will reflect those comments and input from security professionals and businesspeople, specifically on the use of measurements, supply-chain risks and access authentication - according to NIST’s Kevin Stine. The second draft will be available in “a few weeks” for comment in the same manner that the first draft was available.

One of the biggest hurdles to adopting the NIST Cybersecurity Framework is that of measurement.

An organization’s ability to measure their cybersecurity posture is a nice idea, but in practice it’s quite difficult to come up with an actionable method of doing so. The CSF is a set of best practices that changes as we learn more about how to run adaptive security programs, but doesn’t instruct those using its methods on how to measure their success. 

CyberSaint’s platform is the only platform that not only gives a metric for how your organization is current doing on NIST Cybersecurity Framework adoption, but also measures your adaptiveness to the Framework. CyberStrong’s recommendation engine gives you a set of plans to choose from to improve your posture weighing cost and impact, which is critical to making your budget for improving your cybersecurity program. 

Additionally, over 25 of the requirements are immediately addressed within the platform - threat monitoring, measurement, and others. The process can take a long time, as we’ve seen customers who have taken months or even a year to compile the data they need to do so. CyberStrong gets you working in just a few hours and adoption can take just weeks by using the platform's intuitive interface and intelligent recommendations.

Learn How CyberStrong Streamlines the NIST Cybersecurity Framework Adoption


You may also like

The Cybersecurity Skills Gap: The ...
on February 7, 2019

The cybersecurity skills gap is nothing new to the seasoned cyber professional. It has been widely discussed in cyber and information security circles for some time. The main flag ...

George Wrenn
The Post-Digitization CISO
on February 5, 2019

Information leaders in digital businesses, whether focusing on optimization or a full transformation, are inherently altering their position among the executive leadership. As ...

Integrated Risk Management and ...
on January 31, 2019

With technology permeating every aspect of a business, one begins to wonder what technology is reserved for digital risk management rather than the other facets of integrated risk ...

Department of Defense Launches ...
on January 29, 2019

The Defense Federal Acquisition Regulation Supplement (DFARS) mandate, specifically Clause 252.204-7012 requiring all members of the Department of Defense’s supply chain to comply ...

Digital Risk Management Frameworks
on January 24, 2019

As organizations continue to embrace digitization, security teams are faced with the challenge of keeping the enterprise secure while empowering growth and innovation. Many CISO’s ...

The Cybersecurity Impact Of The ...
on January 23, 2019

There has been a great deal of speculation around the cybersecurity posture of the nation in light of the most recent (and longest documented) government shutdown. I’ve seen two ...

George Wrenn