The National Institute of Standards and Technology is seeking public feedback on the potential revisions to the NIST Cybersecurity Framework that sets standards and best practices for safeguarding critical infrastructure for both the public and private sectors.
NIST is requesting comments on how the framework is being used by organizations and how it can be updated to address supply chain risks and adapt to the evolving cybersecurity threat landscape, the agency said Tuesday.
Specifically, NIST wants information on the usefulness of the framework for supporting organizations’ cybersecurity efforts and ways to align the updated framework with other risk management resources.
The industry is also urged to comment on how the NIST Cybersecurity Framework could support the recently launched National Initiative for Improving Cybersecurity in Supply Chains.
In a request for information, NIST said the cybersecurity domain has significantly changed in terms of capabilities, technologies and threats since the agency first updated the framework in 2018.
The NIST Cybersecurity Framework was launched in 2014 to give guidance to organizations on how to identify, respond and mitigate cybersecurity threats facing their information systems.