"NIST Drafts Major Update to Its Widely Used Cybersecurity Framework"

Since its initial publication nearly a decade ago, the world's leading cybersecurity guidance is undergoing its first major update. The National Institute of Standards and Technology (NIST) has released a draft version of the Cybersecurity Framework (CSF) 2.0, a new version of a tool it released in 2014 to help organizations understand and communicate cybersecurity risks as well as reduce them. The draft update NIST released for public comment reflects changes in the cybersecurity landscape and makes it easier for all organizations to put the CSF into practice. The CSF provides high-level guidance, including a common language and systematic methodology for managing cybersecurity risk across industries and facilitating communication between technical and nontechnical staff. It includes activities that can be added to cybersecurity programs and customized to suit the specific requirements of an organization. Since its publication a decade ago, users have downloaded the CSF over two million times in more than 185 countries. This article continues to discuss the draft version of CSF 2.0.

NIST reports "NIST Drafts Major Update to Its Widely Used Cybersecurity Framework"