
The National Institute of Standards and Technology’s Cybersecurity Framework (CSF) is known as the gold standard framework for cybersecurity and risk guidance; organizations use it to assess and improve their ability to prevent, detect, and respond to cyber threats. Considering the evolving nature of the cybersecurity industry, NIST has published changes to NIST CSF 2.0.

NIST CSF 2.0 Update in CyberStrong

CyberStrong users can now benchmark to NIST CSF 2.0. The CSF 2.0 has been added as a reference framework for reporting, and the CSF 2.0 Subcategories have been uploaded as a public framework. One of the significant updates to the revised framework is the addition of a new core function, Govern. The six core functions will expand into 22 categories and 106 subcategories.

In addition, a new scoring model has been added to this framework: Partial (Tier 1), Risk-Informed (Tier 2), Repeatable (Tier 3), and Adaptive (Tier 4).

Users can conduct crosswalks from CSF 2.0 to CSF 1.1, and CSF 2.0 has been mapped to NIST 800-53 Rev. 5 controls.

Important NIST Updates to the CSF 2.0

The CSF 2.0 is now a flexible guideline for all companies looking to mature their cybersecurity practices. This expansion reflects NIST's acknowledgment of the universal importance of cybersecurity and the pressing need for comprehensive cyber risk management strategies.

NIST has augmented CSF 2.0 with a suite of resources tailored to different user groups to facilitate seamless adoption and implementation. These resources range from implementation examples to quick-start guides catering to organizations' specific needs and challenges, and they suggest creating a community profile to connect and discuss with peers.

CyberStrong is an advanced cybersecurity risk management platform that can streamline your efforts towards benchmarking against the NIST CSF 2.0, NIST 800-30, NIST 800-53, and many other gold standard frameworks.

Schedule a demo to see how CyberStrong can help you address any framework or standard, such as ISO 27001, CIS, PCI, and custom frameworks and controls. Monitor control scores automatically with patented Continuous Control Automation (CCA).

 
