The National Institute of Standards and Technology has released the final updated version of its Cybersecurity Framework designed to help organizations manage and mitigate cybersecurity risks.
Cybersecurity Framework 2.0 supports the National Cybersecurity Strategy’s implementation and has a new governance component that highlights the need for organizations to make and execute informed decisions on cybersecurity strategy.
The governance component is in addition to the five original main functions of the framework: identify, protect, detect, respond and recover.
Laurie Locascio, director of NIST and under secretary of Commerce for standards and technology, said the framework has been a key tool that helps organizations anticipate and manage cybersecurity threats.
“CSF 2.0, which builds on previous versions, is not just about one document. It is about a suite of resources that can be customized and used individually or in combination over time as an organization’s cybersecurity needs change and its capabilities evolve,” Locascio added.
In August, NIST opened the draft of the revised framework for public comment. The framework was first released in 2014.
The latest edition comes with a new reference tool to allow users to search and export data from the framework’s core guidance in machine-readable and human-consumable formats as well as a searchable catalog of informative references.
Register here to attend the Potomac Officers Club’s 2024 Cyber Summit on June 6 and hear cyber experts, government and industry leaders discuss the latest trends and the dynamic role of cyber in the public sector.