INDUSTRY INSIGHT
How will the Cybersecurity Framework update affect your agency?
The National Institute for Science and Technology’s 2014 Framework for Improving Critical Infrastructure Cybersecurity v. 1.0 — otherwise known as the Cybersecurity Framework — is foundational guidance that has become a cornerstone of the cybersecurity industry. Although specifically focused on improving critical national infrastructure cybersecurity, its widespread adoption by other agencies, organizations and businesses enabled the CSF to make a greater positive impact than expected. While the framework was designed to be voluntary, President Donald Trump’s Executive Order 13800 in May 2017 directed all federal agencies to use it.
On April 16, 2018, NIST published a CSF update that impacts all cybersecurity capabilities, not just critical infrastructure. The CSF 1.1 is a living document; it will cause tertiary effects that impact federal, commercial and private cybersecurity organizations. Not only will the accreditation standards mandated by the Federal Information Security Modernization Act…
