The cybersecurity team at the National Institute of Standards and Technology (NIST) is about to finalize a new version of a signature document, the Cybersecurity Framework. Next week, it holds a workshop to get one last round of input on the framework draft. Joining Federal Drive with Tom Temin , the chief of NIST’s Applied Cybersecurity Division, Kevin Stine.
Tom Temin Let’s begin. Basically, what exactly is the cybersecurity framework that you’re about to launch version 2.0 of? And maybe then tell us how that relates to the various publications that NIST has the library of specifics on cybersecurity.
Kevin Stine Yeah, absolutely. So the cybersecurity framework, in my mind, is a tool to help agencies and other organizations, certainly a very broad user community, to better understand, manage and reduce cybersecurity risk. It’s based on existing standards and guidelines, is based on existing practices for organizations to really help them do that. And the Body of NIST, Cybersecurity and privacy resources, the special publications and other outputs that we produce with the community are really intended to help organizations achieve the cybersecurity outcomes that are…
