Using the NIST Cybersecurity Framework to address organizational risk

Read Time:41 Second

The U.S. federal government has been very active the past year, particularly with the cybersecurity executive order (EO) and associated tasks and goals that have come out of it. One framework and industry source that has been getting increased attention is the NIST Cybersecurity Framework (CSF).

The CSF came out of another EO, 13636, which is from 2013 and directed NIST to work with stakeholders to develop a voluntary framework for reducing risk to critical infrastructure. It was produced through coordinated efforts with industry and government, which have both widely adopted the framework.

Here’s how the CSF is composed, how aspects of it can help meet some of the recent cybersecurity EO objectives, and how any organization can use it to better map risk to threats.

To read this article in full, please click here

Generated by Feedzy

Cyber Security News

Redline Stealer: A Novel Approach

Linux Cerber Ransomware Variant Exploits Atlassian Servers

North Korean Group Kimsuky Exploits DMARC and Web Beacons

US Government and OpenSSF Partner on New SBOM Management Tool

How to Protect Yourself Against AI Voice Cloning Attacks

Using AI-Generated Legislative Amendments as a Delaying Technique

EU Elections: Pro-Russian Propaganda Exploits Meta’s Failure to Moderate Political Ads

Introduction to Software Composition Analysis and How to Select an SCA Tool

Ivanti Patches Two Critical Avalanche Flaws in Major Update