On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment ...

For example, a primary change NIST made between the 2014 and 2019 versions of its cybersecurity framework was the expansion of the section on supply chain risk management, specifically the subsection ...

Discover how NIST’s updated Cybersecurity Framework 2.0 enhances governance, supply chain security and risk management across all sectors. Updates by the National Institute of Standards and Technology ...

NIST is accepting comments on the framework through April, 25, and, among other things, is seeking “suggestions for improving alignment or integration of the Cybersecurity Framework with other ...

NIST refines Cybersecurity Security Framework, with increased focus on governance and supply chain Stacy Hadeka , Soojin Jeong , Peter Marta , Katy J. Milner , Dan Ongaro , Paul Otto , Nathan ...

On February 12, 2014, the US National Institute of Standards and Technology (NIST) issued a landmark document, the Framework for Improving Critical Infrastructure Cybersecurity (CSF).Four years ...

This two-part series summarizes modern security practices as advised by NIST’s latest guidelines, a framework that ...

Along with the overall framework, NIST released the CSF’s Quick Start Guides (QSG) with implementation examples that allow entities to “view and download notional examples of concise, action-oriented ...

While the government agency's original framework focused on securing critical infrastructure, 2.0 expands to include guidance for all organizations and enterprises — no matter their size or focus.

Current assessment of the NIST Cybersecurity Framework. Virtually all the commenters praised the framework and the benefits of adopting it. For example, American Airlines, in its submission, said ...

In January, NIST teased forthcoming updates to the framework and published a concept paper intended to spur feedback from industry. The Commerce Department bureau will hold a workshop in the fall to ...

But, in general, the industry wants NIST to avoid making any changes at all to the choose-your-own-adventure document that has guided risk management and U.S. cybersecurity policy for almost a decade.