Security News > 2024 > March > NIST Cybersecurity Framework 2.0

NIST Cybersecurity Framework 2.0
2024-03-01 12:08

The CSF 2.0, which supports implementation of the National Cybersecurity Strategy, has an expanded scope that goes beyond protecting critical infrastructure, such as hospitals and power plants, to all organizations in any sector.

The CSF's governance component emphasizes that cybersecurity is a major source of enterprise risk that senior leaders should consider alongside others such as finance and reputation.

The framework's core is now organized around six key functions: Identify, Protect, Detect, Respond and Recover, along with CSF 2.0's newly added Govern function.

When considered together, these functions provide a comprehensive view of the life cycle for managing cybersecurity risk.

The updated framework anticipates that organizations will come to the CSF with varying needs and degrees of experience implementing cybersecurity tools.

NIST is exactly the sort of respected organization to do this correctly.


News URL

https://www.schneier.com/blog/archives/2024/03/nist-cybersecurity-framework-2-0.html