NIST Is Updating Its Cybersecurity Framework

1 year ago AndyC

NIST
Is
Updating
Its
Cybersecurity
Framework

NIST
is

planning
a
significant
update
of
its
Cybersecurity
Framework.
At
this
point,
it’s
asking
for
feedback
and
comments
to
its
concept
paper.

NIST
Is
Updating
Its
Cybersecurity
Framework

NIST
is

planning
a
significant
update
of
its
Cybersecurity
Framework.
At
this
point,
it’s
asking
for
feedback
and
comments
to
its
concept
paper.

Do
the
proposed
changes
reflect
the
current
cybersecurity
landscape
(standards,
risks,
and
technologies)?

Are
the
proposed
changes
sufficient
and
appropriate?
Are
there
other
elements
that
should
be
considered
under
each
area?

Do
the
proposed
changes
support
different
use
cases
in
various
sectors,
types,
and
sizes
of
organizations
(and
with
varied
capabilities,
resources,
and
technologies)?

Are
there
additional
changes
not
covered
here
that
should
be
considered?

For
those
using
CSF
1.1,
would
the
proposed
changes
affect
continued
adoption
of
the
Framework,
and
how
so?

For
those
not
using
the
Framework,
would
the
proposed
changes
affect
the
potential
use
of
the
Framework?

The
NIST
Cybersecurity
Framework
has
turned
out
to
be
an
excellent
resource.
If
you
use
it
at
all,
please
help
with
version
2.0.

Tags:

cybersecurity,

national
security
policy,

NIST

Sidebar
photo
of
Bruce
Schneier
by
Joe
MacInnis.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts