Saturday, November 18, 2023

The NIST CSF 2.0

 


The NIST Cybersecurity Framework, with its six pillars, is a dynamic document designed for continuous refinement and improvement. NIST is committed to integrating stakeholder feedback to adapt to the ever-changing cybersecurity landscape. Currently, NIST is actively developing CSF 2.0, a substantial update aimed at enhancing the framework for more effective cybersecurity risk management.



CSF 2.0's Governance domain addresses issues of accountability, confusion, and inefficiency in our environment. It emphasizes leadership and oversight, tied to finance, to establish and monitor the organization's cybersecurity risk management strategy, expectations, and policy.



The six pillars of NIST CSF 2.0 are:


GOVERN: Establish and monitor the organization's cybersecurity risk management strategy, expectations, and policy.


IDENTIFY: Determine the current cybersecurity risk to the organization.


PROTECT: Use safeguards to prevent or reduce cybersecurity risk.


DETECT: Find and analyze possible cybersecurity attacks and compromises.


RESPOND: Take action regarding a detected cybersecurity incident.


RECOVER: Restore assets and operations impacted by a cybersecurity incident.


The release of the public draft is a significant milestone, providing organizations with the opportunity to contribute input before NIST finalizes the framework for anticipated publication in 2024.


Reference: https://csrc.nist.gov/Projects/cybersecurity-framework/Filters#/csf/filters
