Security News > 2024 > February > NIST updates Cybersecurity Framework after a decade of lessons

After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology has released version 2.0 of its Cybersecurity Framework.

Unlike the original, which was designed with critical infrastructure sectors in mind, CSF 2.0's scope has been expanded to suitable security tips for organizations in any sector and of any size "Regardless of their degree of cybersecurity sophistication," NIST said.

For those unfamiliar with the CSF, it's a set of best practices and recommendations from NIST to help organizations improve their cybersecurity posture and raise organizational awareness of how to operate safely.

Along with broadening its scope, the new CSF [PDF] goes beyond being a best practices recommendation document, said NIST director Laurie Locascio.

According to NIST, CSF 2.0 was written with President Biden's National Cybersecurity Strategy, adopted in early 2023, in mind.

NIST said it views CSF 2.0 as a living document, and it plans to continue upping available resources to make the framework more useful.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/02/27/nist_cybersecurity_framework_2/