After years of development and stakeholder feedback, the National Institute of Standards and Technology (NIST) released the Cybersecurity Framework (CSF) 2.0 in February 2024.
This significant update represents the first major revision since the framework’s creation in 2014 and provides organizations with enhanced guidance for managing cybersecurity risks in today’s evolving threat landscape.
This refreshed framework offers a comprehensive approach to cybersecurity that addresses emerging challenges while maintaining the flexibility that made its predecessor so widely adopted.
.png
)
The Evolution to CSF 2.0
NIST CSF 2.0 builds upon the foundation established by version 1.1 while introducing several key enhancements.
Perhaps the most notable addition is the new “Govern” function, which now serves as a central pillar that underpins the original five functions: Identify, Protect, Detect, Respond, and Recover.
This addition emphasizes that cybersecurity is a significant source of enterprise risk requiring executive-level attention and governance.
Six Functions organize the CSF 2.0 — Govern, Identify, Protect, Detect, Respond,…
