The U.S. National Institute of Standards and Technology (NIST) hosted its first workshop yesterday on the Cybersecurity Framework (CSF) 2.0, an update to the CSF 1.1 released in 2018, which was itself an update to the original CSF released in 2014. Many cybersecurity professionals, and some NIST experts, consider the framework to be the “Rosetta stone” for managing all organizations’ cybersecurity risks.
Heading into the workshop, NIST issued a request for information, asking commenters to answer questions about bringing the CSF up-to-speed on some emerging developments that were only partially covered in the first two versions or not referenced at all. Comments submitted to NIST reflected a wide range of considerations, encouraging NIST to make several improvements including a greater emphasis on measurements and metrics related to the CSF, beefing up supply chain security sections, and offering more implementation guidance on how to adopt the framework. Overall, commenters praised the effort as valid and valuable.
To read this article in full, please click here
More Stories
Quantum Computing and Cybersecurity – Preparing for a New Age of Threats
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of...
LinkedIn Pauses GenAI Training Following ICO Concerns
The Information Commissioner’s Office says it’s pleased that LinkedIn has temporarily suspended its generative AI model training Read More
German Police Shutter 47 Criminal Crypto Exchanges
Officers in Germany have shut down 47 cryptocurrency exchanges they accused of facilitating cybercrime Read More
Friday Squid Blogging: Squid Game Season Two Teaser
The teaser for Squid Game Season Two dropped. Blog moderation policy. Read More
Clever Social Engineering Attack Using Captchas
This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually...
US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities
In its fourth annual report, the US Cyberspace Solarium Commission highlighted the need to focus on securing critical infrastructure and...