News and developments
Proposal for the new NIST Cybersecurity Framework now revealed
This upgrade comes as the rate of growth in the field of cybersecurity is increasing, in terms of both legislation and norms, and cyberthreats. The important role played by the NIST means that this upgraded version has major implications for the entire cybersecurity sector.
On 8 August, 2023, the U.S. National Institute of Standards and Technology (NIST) released a proposal for a new version (2.0) of the Cybersecurity Framework (CSF), to provide organizations with a framework for cybersecurity measures. Since it was first released in 2014, the CSF has become a fundamental tool used by firms around the world to enhance their resilience to cyberthreats.
The Cybersecurity Framework is a high-quality tool that defines a general framework to help organizations identify, assess, and manage cybersecurity risk. The Cybersecurity Framework is intended to provide an organized and coherent set of best practices, guidelines, and standards to be aligned with the particular needs of the various sectors and organizations. For this reason, it contains references to norms and specific guidelines drawn up by the NIST, but also by the International Organization for Standardization (ISO).
The main changes in the upgraded version of the framework:
Author: Marcin Ręgorowicz, Konrad Basaj
-
- the scope has been revised and expanded – the new CSF expands the framework to include new and current norms and guidelines, making it more relevant and complete;
- aids for those implementing it – the tips for using CSF 2.0 in practice have also been improved, which is intended to make it significantly easier to implement.
Author: Marcin Ręgorowicz, Konrad Basaj