On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment.

For example, a primary change NIST made between the 2014 and 2019 versions of its cybersecurity framework was the expansion of the section on supply chain risk management, specifically the subsection ...

As set forth in the Cybersecurity Framework, examples of the categories under each function include: Identify: Asset Management, Business Environment; Governance; and Risk Assessment ...

One example of the guidance the framework provides concerns third-party cybersecurity risks. Within the "Govern" function, under the category "Cybersecurity Supply Chain Risk Management," there is a ...

Whether a well-established company or one just getting started with cybersecurity risk management programs, those in the industry often can use a little help navigating the cumbersome and technical ...

NIST has released a draft version 2.0 of the Cybersecurity Framework. Here’s what you need to know and how to get your recommendations included.

Along with the overall framework, NIST released the CSF’s Quick Start Guides (QSG) with implementation examples that allow entities to “view and download notional examples of concise, action-oriented ...

On February 12, 2014, the US National Institute of Standards and Technology (NIST) issued a landmark document, the Framework for Improving Critical Infrastructure Cybersecurity (CSF).Four years ...

CSF 2.0 will provide quick-start guides for different types of organizations, implementation examples, and a suite of resources to assist in the adoption of the framework. New for 2.0 is the Reference ...

The NISTIR provides more detail on what NICE Framework Competencies are, including their evolution and development and example uses from various stakeholder perspectives. Released in conjunction with ...