Request Demo

CyberStrong, NIST Cybersecurity Framework

NIST Announces the Upcoming Second Draft Update of the Cybersecurity Framework


The National Institute of Standards and Technology released the first version of the Cybersecurity Framework back in 2014, and it was met with excitement by organizations who saw the value in running a risk-based approach.

The document promotes best practices for information security and is being adopted or has already been adopted by over 30% of U.S. businesses to date according to Gartner. Especially in light of recent attacks, there is no better time than now for companies and other organization to protect their data from compromise using the best methods available.

For a while now, the Cybersecurity Framework has been available online for comment as NIST prepares to release its second version. CyberSaint even advertised the link on our site to promote engagement and feedback within our security community. The Cybersecurity Framework is a living document, meaning it is constantly improving and adapting as any robust security program should. Feedback from those adopting it or who plan to adopt it is critical to its success.

Interested in learning successful NIST CSF adoption strategies? Learn to simplify the Framework in our upcoming webinar "How to Simplify the NIST Cybersecurity Framework"

The main areas that will change with the second version will reflect those comments and input from security professionals and businesspeople, specifically on the use of measurements, supply-chain risks and access authentication - according to NIST’s Kevin Stine. The second draft will be available in “a few weeks” for comment in the same manner that the first draft was available.

One of the biggest hurdles to adopting the NIST Cybersecurity Framework is that of measurement.

An organization’s ability to measure their cybersecurity posture is a nice idea, but in practice it’s quite difficult to come up with an actionable method of doing so. The CSF is a set of best practices that changes as we learn more about how to run adaptive security programs, but doesn’t instruct those using its methods on how to measure their success. 

CyberSaint’s platform is the only platform that not only gives a metric for how your organization is current doing on NIST Cybersecurity Framework adoption, but also measures your adaptiveness to the Framework. CyberStrong’s recommendation engine gives you a set of plans to choose from to improve your posture weighing cost and impact, which is critical to making your budget for improving your cybersecurity program. 

Additionally, over 25 of the requirements are immediately addressed within the platform - threat monitoring, measurement, and others. The process can take a long time, as we’ve seen customers who have taken months or even a year to compile the data they need to do so. CyberStrong gets you working in just a few hours and adoption can take just weeks by using the platform's intuitive interface and intelligent recommendations.

Learn How CyberStrong Streamlines the NIST Cybersecurity Framework Adoption


You may also like

Prioritizing Cyber Risk Management ...
on July 6, 2020

The risk posed to organizations by cybersecurity threats is large and increasing. COVID-19 related adjustments at home and at work, the move to a remote workforce, and increasing ...

Alison Furneaux
Critical Capabilities of IT Risk ...
on June 22, 2020

Risk management is rapidly becoming the foundation of organizational security efforts, replacing checklist compliance as a cornerstone of a successful security program. This shift ...

What is Cyber Risk Management
on June 21, 2020

Risk management is a fundamental component of any successful organization and has been since the dawn of corporations as we know them. The primary function of risk management as a ...

Cybersecurity Risks Have Changed ...
on June 10, 2020

CyberSaint will host a cybersecurity risk management webinar, live on June 17th, 2020at 12:00pm EST and available on-demand when you register to attend with this link.  The recent ...

Alison Furneaux
What is NIST SP 800 30
on June 10, 2020

The National Institute of Standards and Technology’s Cybersecurity Framework (CSF) is known in cybersecurity as the gold standard framework for computer security guidance, it can ...

Cybersecurity Maturity Model ...
on July 1, 2020

Why DFARS / NIST SP 800-171? A few years back, the United States Department of Defense (DoD) released a new regulation, a Defense Federal Acquisition Regulation Supplement, or ...