NIST Cybersecurity Framework 2.0

From OpenCommons
Revision as of 00:40, March 4, 2024 by Pinfold (talk | contribs)
Jump to navigation Jump to search


Paper
Title NIST Cybersecurity Framework 2.0
Type report
Topic Cybersecurity and Privacy Risk Management
Publisher NIST
Author
Journal
Volume
Issue 2024-02-26
Date Accessed 2024-03-01
Pages
doi 10.6028/NIST.CSWP.29
URL https://doi.org/10.6028/NIST.CSWP.29
File Paper
Tag

The National Institute of Standards and Technology (NIST) has updated the widely used Cybersecurity Framework (CSF), its landmark guidance document for reducing cybersecurity risk. The new 2.0 edition is designed for all audiences, industry sectors and organization types, from the smallest schools and nonprofits An image of a road with different NIST CSF resources labeled along the pathto the largest agencies and corporations — regardless of their degree of cybersecurity sophistication. Major changes to the document include these:

  • Explicitly aims to help all organizations — not just those in critical infrastructure, its original target audience — to manage and reduce risks.
  • Updates the CSF’s core guidance and includes a suite of resources to help all organizations achieve their cybersecurity goals, with added emphasis on governance as well as supply chains.
  • Is based on the outcome of a multiyear process of discussions and public comments aimed at making the framework more effective