"NIST Releases Potential Updates to Its Cybersecurity Framework"

The National Institute of Standards and Technology (NIST) has announced its plans to revise its Cybersecurity Framework document, focusing on cyber defense inclusivity for all economic sectors. Updates to the voluntary guidance recently announced by the regulatory agency are based on feedback from a previous workshop on the upcoming Cybersecurity Framework 2.0 and a corresponding Request for Information (RFI) published in early 2022. Some of the responses NIST officials are considering in their development of the updated framework are changes to the recommended cybersecurity best practices, sector-specific needs, and new uses based on modifications to the framework. Other key additions to the new CSF could include protocols for enhancing international collaboration in cybersecurity operations. However, the agency intends to maintain the amount of detail within the existing standards and guidelines, notably within the checklists and objectives, so that the framework remains scalable and applicable to the greatest number of companies. Comments on NIST's Cybersecurity Framework 2.0 are due by March 3, 2023, and will be made publicly available on the document's webpage. This article continues to discuss NIST's plans to make new revisions to its Cybersecurity Framework document.

NextGov reports "NIST Releases Potential Updates to Its Cybersecurity Framework"