Cybersecurity Framework
Latest Updates
On January 10, 2017, NIST released proposed updates to Cybersecurity Framework. This draft Version 1.1 of the Cybersecurity Framework seeks to clarify, refine, and enhance the Framework. Updates were derived from feedback NIST received since publication of Cybersecurity Framework Version 1.0, including responses to a December 2015 RFI entitled Views on the Framework for Improving Critical Infrastructure Cybersecurity and discourse at Cybersecurity Framework Workshop 2016. Feedback and comments should be directed to cyberframework@nist.gov by April 10th, 2017.
Cybersecurity professionals talk about what the Cybersecurity Framework means to their organizations. The Framework, which was created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.
Above, you can also view a brief animated video, which features additional cybersecurity professionals talking about what the framework means to their organizations. These experts from Intel, Microsoft, Telos, the U.S. Chamber of Commerce and the National Restaurant Association worked with NIST, other agencies and industry and academia to develop the framework. Like the framework itself, the video is not only for those in the trenches of cybersecurity, but also those in the C-suite, who make funding and business decisions that affect cybersecurity.