NIST Cybersecurity Framework 2.0
Jump to navigation
Jump to search
Paper | |
---|---|
Title | NIST Cybersecurity Framework 2.0 |
Type | report |
Topic | Cybersecurity and Privacy Risk Management |
Publisher | NIST |
Issue | 2024-02-26 |
Date Accessed | 2024-03-01 |
doi | 10.6028/NIST.CSWP.29 |
URL | https://doi.org/10.6028/NIST.CSWP.29 |
File |
The National Institute of Standards and Technology (NIST) has updated the widely used Cybersecurity Framework (CSF), its landmark guidance document for reducing cybersecurity risk. The new 2.0 edition is designed for all audiences, industry sectors and organization types, from the smallest schools and nonprofits to the largest agencies and corporations — regardless of their degree of cybersecurity sophistication.
Major changes to the document include these:
- Explicitly aims to help all organizations — not just those in critical infrastructure, its original target audience — to manage and reduce risks.
- Updates the CSF’s core guidance and includes a suite of resources to help all organizations achieve their cybersecurity goals, with added emphasis on governance as well as supply chains.
- Is based on the outcome of a multiyear process of discussions and public comments aimed at making the framework more effective