1. NIST 2.0 Framework
The NIST Cybersecurity Framework was established in response to an executive order by former President Obama — Improving Critical Infrastructure Cybersecurity — which called for greater collaboration between the public and private sector for identifying, assessing, and managing cyber risk.
While compliance is voluntary, NIST has become the gold standard for assessing cybersecurity maturity, identifying security gaps, and meeting cybersecurity regulations.
Source: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf
In 2024, NIST unveiled the Cybersecurity Framework 2.0 (CSF 2.0), marking its most significant update since the release of CSF 1.1 in 2018.
CSF 2.0 extends its reach beyond critical infrastructure cybersecurity, targeting a wider array of organizations including small schools, nonprofits, large agencies, and corporations, regardless of their cybersecurity expertise.
A notable addition in this update is the emphasis on cybersecurity governance, recognizing cybersecurity as a key component of enterprise risk management…
