The National Institute of Standards and Technology’s Cybersecurity Framework (CSF) is recognized as the gold standard for cybersecurity and risk guidance, enabling organizations to assess and improve their ability to prevent, detect, and respond to cyber threats. Considering the evolving nature of the cybersecurity industry, NIST has published changes to NIST CSF 2.0.
NIST CSF 2.0 Mapping Updates
Changes Made to CyberStrong
CyberStrong users can now benchmark to NIST CSF 2.0. The CSF 2.0 has been added as a reference framework for reporting, and the CSF 2.0 subcategories have been uploaded as a public framework. One of the significant updates to the revised framework is the addition of a new core function, Govern. The six core functions will expand into 22 categories and 106 subcategories.
In addition, a new scoring model has been added to this framework: Partial (Tier 1), Risk-Informed (Tier 2), Repeatable (Tier 3), and Adaptive (Tier 4).
Users can conduct crosswalks from CSF 2.0 to CSF 1.1, and CSF 2.0 has been mapped to NIST 800-53 Rev. 5 controls.
Differences Between CSF 1.1 and CSF 2.0
The CSF 2.0 is now a flexible guideline for all companies looking to mature their cybersecurity practices. This expansion reflects NIST's acknowledgment of the universal importance of cybersecurity and the pressing need for comprehensive cyber risk management strategies.
NIST has enhanced CSF 2.0 with a suite of resources tailored to various user groups, facilitating seamless adoption and implementation. These resources range from implementation examples to quick-start guides catering to organizations' specific needs and challenges, and they suggest creating a community profile to connect and discuss with peers.
Automate Compliance with NIST CSF 2.0 & Reduce Manual Workload
CyberStrong is an advanced cybersecurity risk management platform that streamlines your efforts to benchmark against the NIST CSF 2.0, NIST 800-30, NIST 800-53, and other gold-standard frameworks.
Schedule a demo to see how CyberStrong can help you address any framework or standard, such as ISO 27001, CIS, and custom frameworks and controls. Monitor control scores automatically with Continuous Compliance Automation.




