December 2, 2023
Cyber Risk Institute continues to push for NIST supply chain function in comments on CSF 2.0 final draft
The Cyber Risk Institute continues to advocate for the creation of a supply chain function in NIST’s update to the cybersecurity framework in comments on the final draft publication, while also offering suggestions on how to refine proposed language on governance.
The National Institute of Standards and Technology published the final draft of the updated framework, known as CSF 2.0, in August. The comment period closed on Nov. 6.
“We applaud NIST’s efforts to consolidate supply chain risk management...