CSF 2.0 program leaders highlight changes in draft NIST framework update, preview what’s next

NIST’s updated cybersecurity framework presents an opportunity to build on concepts that have been illuminated in the past five years, including the addition of a governance function, and address calls for more targeted guidance to meet stakeholder needs, according to program leaders Cheri Pascoe and Kevin Stine.

The process to update the framework has been “iterative” since the original request for information was published in early 2022, Pascoe said. “The narrative you see the in the draft is new,...