NIST Is Updating Its Cybersecurity Framework

Read Time:45 Second

NIST is planning a significant update of its Cybersecurity Framework. At this point, it’s asking for feedback and comments to its concept paper.

Do the proposed changes reflect the current cybersecurity landscape (standards, risks, and technologies)?
Are the proposed changes sufficient and appropriate? Are there other elements that should be considered under each area?
Do the proposed changes support different use cases in various sectors, types, and sizes of organizations (and with varied capabilities, resources, and technologies)?
Are there additional changes not covered here that should be considered?
For those using CSF 1.1, would the proposed changes affect continued adoption of the Framework, and how so?
For those not using the Framework, would the proposed changes affect the potential use of the Framework?

The NIST Cybersecurity Framework has turned out to be an excellent resource. If you use it at all, please help with version 2.0.

Smashing Security podcast #411: The fall of Troy, and whisky barrel scammers

Stripe API Skimming Campaign Unveils New Techniques for Theft

Royal Mail Investigates Data Breach Affecting Supplier

Gray Bots Surge as Generative AI Scraper Activity Increases

Bybit Heist Fuels Record Crypto-Theft Surge, Says CertiK

Rational Astrologies and Security

North Korea’s Fake IT Worker Scheme Sets Sights on Europe

Steam Surges to Top of Most Spoofed Brands List in Q1

ICO Apologizes After Data Protection Response Snafu