FW: Major Updates | Draft NIST Cybersecurity Framework 2.0

[Boyens, Jon M. (Fed)]

All,

 

NIST relies heavily on stakeholder information and views to guide the development of our cybersecurity guidance. As one of those who have commented on prior drafts on the Journey to NIST CSF 2.0, I want to make sure that you have an opportunity to review and comment on the public draft of the NIST Cybersecurity Framework 2.0. Please see details below – and thanks in advance for providing us with any additional insights.  Feedback may be sent to cyberfr...@nist.gov.

 

We also plan to provide an overview (and rationale) of the CSCRM-specific changes that have been made in this version at the upcoming SSCA Forum September 12 and 13. A registration link for this event should be available by the end of the week on our SSCA Forum site: https://csrc.nist.gov/Projects/cyber-supply-chain-risk-management/ssca

 

 Look forward to seeing you there!!

Jon

 

From: NIST Cybersecurity and Privacy Program <csrc...@service.govdelivery.com>
Sent: Tuesday, August 8, 2023 10:37 AM
To: Pascoe, Cherilyn E. (Fed) <cherily...@nist.gov>
Subject: Major Updates | Draft NIST Cybersecurity Framework 2.0

 

 

View As Web Page NIST Cybersecurity and Privacy Program JUST RELEASED for Public Comment - Draft NIST Cybersecurity Framework 2.0 & Implementation Examples! After reviewing more than a year’s worth of community feedback, NIST has released a Draft of The NIST Cybersecurity Framework 2.0 for public comment! This draft represents a major update to the CSF—a resource first released in 2014 to help organizations reduce cybersecurity risk. The draft update reflects changes in the cybersecurity landscape and makes it easier to put the CSF into practice for all organizations. The CSF 2.0 draft reflects several major changes, including: an expanded scope, the addition of a sixth function, Govern, and improved and expanded guidance on implementing the CSF—especially for creating profiles. Today, NIST is also releasing a separate discussion draft of the Implementation Examples included in the CSF 2.0 Draft Core for public comment. We will also soon share a new CSF 2.0 Reference Tool, which will allow users of the CSF 2.0 to download and search the CSF 2.0 Draft Core. As CSF 2.0 is finalized, the updated Examples and CSF Informative References will be maintained on the CSF site. Public comments will be accepted on both of these drafts via cyberfr...@nist.gov until Friday, November 4, 2023; feedback will inform the development of the final CSF 2.0, which will be published in early 2024. Save the Date: A hybrid Fall workshop will be held on September 19-20, 2023—and will include options for virtual and in-person attendance—at the NIST National Cybersecurity Center of Excellence (registration will open soon).The workshop will serve as another opportunity for the public to provide feedback and comment on the draft. Thank you for sharing in our excitement and for being such an important part of this process. As always, please continue to visit our Journey to CSF 2.0 website for important news, updates, and documents in the coming months—and follow us on Twitter via @NISTcyber. Read the CSF 2.0 Draft NIST Cybersecurity and Privacy Program Questions/Comments about this notice: cyberfr...@nist.gov CSRC Website questions: csrc-i...@nist.gov

 

Connect with us Received this email from a friend? Subscribe here. Subscriber services: Manage Preferences  |  Unsubscribe  |  Help

---

If you have questions or problems with the subscription service, please contact subscriberhelp.govdelivery.com. Technical questions? Contact inqu...@nist.gov. (301) 975-NIST (6478). This service is provided to you at no charge by National Institute of Standards and Technology (NIST). 100 Bureau Drive, Stop 1070 · Gaithersburg, MD 20899 · 301-975-6478