NIST is planning a significant update of its Cybersecurity Framework. At this point, it’s asking for feedback and comments to its concept paper.
Do the proposed changes reflect the current cybersecurity landscape (standards, risks, and technologies)?
Are the proposed changes sufficient and appropriate? Are there other elements that should be considered under each area?
Do the proposed changes support different use cases in various sectors, types, and sizes of organizations (and with varied capabilities, resources, and technologies)?
Are there additional changes not covered here that should be considered?
For those using CSF 1.1, would the proposed changes affect continued adoption of the Framework, and how so?
For those not using the Framework, would the proposed changes affect the potential use of the Framework?
The NIST Cybersecurity Framework has turned out to be an excellent resource. If you use it at all, please help with version 2.0.
More Stories
How to Avoid Romance Scams
It’s the romance scam story that plays out like a segment on a true crime show. It starts with a...
“Junk gun” ransomware: the cheap new threat to small businesses
A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not...
US Takes Down Illegal Cryptocurrency Mixing Service Samourai Wallet
The two founders of Samourai Wallet have been charged with money laundering and unlicensed money-transmitting offenses Read More
Hacker posts fake news story about Ukrainians trying to kill Slovak President
Czech news agency ČTK announced on Tuesday that a hacker had managed to break into its systems and published fake...
State-Sponsored Espionage Campaign Exploits Cisco Vulnerabilities
An advisory from Cisco Talos has highlighted a sophisticated cyber-espionage campaign targeting government networks globally Read More
How to Protect Your Smartphone from SIM Swapping
You consider yourself a responsible person when it comes to taking care of your physical possessions. You’ve never left your wallet in...