NIST CSF 2.0 Broadens Scope to Cover All Industries
A long-awaited update to the National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF) expands the guidance’s scope to address a wider range of cyber professionals working in sectors beyond critical infrastructure. The latest version, released on Monday, features expanded standards for improving organizational cyber posture and a new focus on best practices for internally governing security risks.
The update to NIST’s voluntary framework, a compliance resource used by the private sector, is part of a broader federal push to bolster cybersecurity practices and regulations.
NIST released its first CSF in 2014, at the direction of a presidential executive order to help organizations, specifically critical infrastructure, mitigate cybersecurity risk. CSF 2.0 builds on the existing five basic functions (Identify, Protect, Detect, Respond, and Recover) and has been updated to include a sixth, Govern. NIST's CSF 2.0 also addresses supply chain risks. Read more about this story on our LinkedIn page
The update to NIST’s voluntary framework, a compliance resource used by the private sector, is part of a broader federal push to bolster cybersecurity practices and regulations.
NIST released its first CSF in 2014, at the direction of a presidential executive order to help organizations, specifically critical infrastructure, mitigate cybersecurity risk. CSF 2.0 builds on the existing five basic functions (Identify, Protect, Detect, Respond, and Recover) and has been updated to include a sixth, Govern. NIST's CSF 2.0 also addresses supply chain risks. Read more about this story on our LinkedIn page