CISA to update cross-sector cyber performance goals to align with CSF 2.0

The Cybersecurity and Infrastructure Security Agency is working on an update to its cross-sector cyber performance goals to reflect major changes to the NIST cybersecurity framework unveiled in 2024, according to CISA’s vulnerability management lead.

The National Institute of Standards and Technology in February 2024 published a major update to the cybersecurity framework, known as CSF 2.0. The update added a new governance function and more content on supply chain risk management.

CISA published the first version of the...