NIST wants to explore better ways to align the CSF with other NIST guidance, such as the Privacy Framework, Secure Software Development Framework, Risk Management Framework, Workforce Framework for Cybersecurity (also called the NICE Framework), and its series on IoT cybersecurity.
Credit: N. Hanacek/NIST
To keep pace with the always evolving cybersecurity landscape, the National Institute of Standards and Technology (NIST) is planning to revise the widely adopted NIST Cybersecurity Framework (CSF). In advance of the update, NIST is asking the public for information that would improve the effectiveness of the CSF and its alignment with other cybersecurity resources. The agency is also requesting suggestions to inform cybersecurity guidance related to supply chain risks.
“Every organization needs to manage cybersecurity risk as a part of doing business, whether it is in industry, government or academia,” said Commerce Deputy Secretary Don Graves. “It is critical to their resilience and to our nation’s economic security. There are many tools available to help, and the CSF is one of the leading frameworks for private sector cybersecurity maintenance. We want private and public sector organizations to help make it even more useful and widely used, including by small companies.”
“This is a planned update to keep the CSF current and ensure that it is aligned with other tools that are commonly used.” —NIST Chief Cybersecurity Advisor Kevin Stine
This marks the second time that NIST will update the CSF, formally known as the Framework for Improving Critical Infrastructure Cybersecurity, which it initially released in 2014 after extensive public ..
Support the originator by clicking the read the rest link below.
