Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
Thoughts on updated NIST Cybersecurity Framework (draft version 1.1)
NIST has announced an update to its Cybersecurity Framework. The initial version was published in 2014.
In my opinion, there are some significant changes to the framework, and I think it should be called 2.0.
Some of the key changes are:
1. Identity Management – authentication, authorisation and identity proofing
2. Supply chain risk management
3. Internal selfassessment and measurement of cybersecurity
- Do you implement NIST CSF in your organisation?
- What do you think about the changes?
- What other changes would you recommend?
- This topic was modified 1 year ago by vijayga.
You must be logged in to reply to this topic.