On August 8, 2023, the National Institute of Standards and Technology (NIST) released the initial draft of its Cybersecurity Framework 2.0 and draft Implementation Examples for public comment. This ...

The NIST Cybersecurity Framework 2.0 is designed to be universally applicable, extending its reach beyond critical infrastructure sectors to encompass all industries. This inclusive approach is a ...

After releasing the first version of its Cybersecurity Framework in 2014, the National Institute of Standards and Technology (NIST) has released its first update to the guidance document.

The US National Institute of Standards and Technology (NIST) has released the latest draft of its well-regarded Cybersecurity Framework (CSF) this week, leaving companies to mull how a few significant ...

NIST seeks comments ahead of the 2024 release of CSF 2.0, which aims to appeal to a broader range of organizations while elevating the importance of corporate governance and more fully addressing ...

Version 2.0 of NIST's Cybersecurity Framework, often cited by financial regulators, provides a structured approach to enhancing an institution's cybersecurity. The federal agency in charge of ...

Does your organization need NIST, CSC, ISO, or FAIR frameworks? Here's how to start making sense of security frameworks. Cybersecurity professionals often face the curse of knowledge–understanding so ...

Nathan Eddy works as an independent filmmaker and journalist based in Berlin, specializing in architecture, business technology and healthcare IT. He is a graduate of Northwestern University’s Medill ...

In this post in our series on basic cybersecurity concepts for lawyers (see here and here for prior posts), we delve into the National Institute of Standards and Technology (NIST) Cybersecurity ...

Cybersecurity is a growing concern for organizations across the world as threats increase. The global average cost of a single data breach is $4.35 million. Cyber threats and cyber issues are costly, ...

The prevalence of legacy systems and delayed patching processes create critical vulnerabilities in industrial environments.