Inside Cybersecurity

February 27, 2024

Home Page

By Sara Friedman

NIST’s update to the cybersecurity framework, known as “CSF 2.0,” is an evolution 10 years in the making of work to help organizations understand risks and incorporate ways to address new challenges, according to framework veterans who were involved in the early days of the original framework’s development.

By Jacob Livesay

Industry stakeholders at an event weighed in on how future versions of the NIST cybersecurity framework could address supply chain considerations and resilience in greater depth and support interoperability with other risk management frameworks.

By Sara Friedman

The National Security Telecommunications Advisory Committee will consider and vote next week on recommendations to encourage organizations to invest in cybersecurity practices and increase information sharing through establishing incentives and liability protections.

By Jacob Livesay

BSA-The Software Alliance is advocating for a collaborative approach to address building memory safety into software and critical systems, following the release of a report by the Office of the National Cyber Director outlining two new strategic approaches for software security.

By Sara Friedman

NIST Director Laurie Locascio emphasized efforts to get stakeholder feedback as key to the cybersecurity framework update, known as “CSF 2.0,” which launched today following a two-year process that featured a request for information, workshops and drafts for public comment.

By Jacob Livesay

The Office of the National Cyber Director has released a report proposing two strategic approaches to address software vulnerabilities, including a call for using memory safe code and establishing metrics to assess software security.

By Sara Friedman

The National Institute of Standards and Technology has published a major update to the cybersecurity framework, known as “CSF 2.0,” incorporating a broader focus on governance and interactive resources to help stakeholders engage with the foundational guidance for the cyber community.

Topics