The final publication date of the most significant update yet to NIST’s Cybersecurity Framework (NIST CSF 2.0) is on the horizon. Whether you are only hearing about the NIST CSF in light of the upcoming changes or you’re seeking more clarity on why the framework might be useful for your business, this article gives you a simple breakdown of exactly what the framework is.
What is NIST CSF?
The National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF) is a set of voluntary guidelines, best practices and standards designed to help organizations manage and reduce cybersecurity risks. The framework gives a structure to help align policy, business and technological approaches to address cyber risks.
NIST published the first version in February 2014 as a response to a presidential Executive Order by Barack Obama that called for developing a voluntary framework to help critical infrastructure organizations manage and reduce their cybersecurity risks. This need for a framework arose due to repeated cyber intrusions into critical infrastructure by state-sponsored and other sophisticated hackers.
Over time, it became clear that the framework’s…
