The U.S. federal government has been very active the past year, particularly with the cybersecurity executive order (EO) and associated tasks and goals that have come out of it. One framework and industry source that has been getting increased attention is the NIST Cybersecurity Framework (CSF).
The CSF came out of another EO, 13636, which is from 2013 and directed NIST to work with stakeholders to develop a voluntary framework for reducing risk to critical infrastructure. It was produced through coordinated efforts with industry and government, which have both widely adopted the framework.
Here’s how the CSF is composed, how aspects of it can help meet some of the recent cybersecurity EO objectives, and how any organization can use it to better map risk to threats.
More Stories
CISA and NFL Collaborate to Secure Super Bowl LVIII
Tabletop exercise assessed the cybersecurity response capabilities, plans and procedures for the event Read More
Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023
Kaspersky said these services range from $20 per day to $10,000 a month Read More
Elusive Sandman APT Targets Telecom Giants With LuaJIT Toolkit
SentinelLabs said the group’s tactics focus on stealthy lateral movements and minimal interactions Read More
#mWISE: Why Zero Days Are Set for Highest Year on Record
Experts at the mWISE conference discussed who is behind the surge in zero-day exploits Read More
US Government IT Staffer Arrested on Espionage Charges
Maryland resident faces possible death penalty Read More
UK Security Agency Publishes New Crypto Designs
NCSC hopes research will inform future standards Read More