New Cybersecurity Guidance coming in 2018 via NIST CSF version 1.1

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp

It’s been several years since the National Institute of Standards and Technology’s Cyber Security Framework 1.0 (NIST CSF) was released, and version 1.1 refines and clarifies key areas, including:

1) The correlation of business results to cybersecurity risk management.  Section 4.0 ” Self-Assessing Cybersecurity Risk with the Framework” now includes multiple uses of measurement for self-assesment.

2) Clarification of the use of the Framework to manager cybersecurity within supply chains.

3) Focus on authorization, authentication and identity proofing under “Identity Management and Access Control”.

4) Vulnerability disclosure has been added.

5) Federal applicability statements have been removed.

The draft is in final revisions and includes responses to the NIST Request for Information, feedback and frequently asked questions, and input from attendees of two separate workshops held for the purpose of updating the standard. The final version is expected to be released in Q1 2018.

Click here to view the current draft of NIST CSF 1.1

Click here to learn how to apply NIST CSF to your (or your client’s) organization.

Foresite admin
Website | + posts

Sign Up For Our Blog

Get our latest content delivered to your inbox.

partner with foresite consulting to become a More Effective Leader

Develop the skills and strategies you need to take your company to the next level of success.

Foresite Cybersecurity Announces Pivot to Open XDR & Compliance Platform