April 26, 2024
Daily News
Draft NIST framework update revamps earlier measurement, supply chain language
The National Institute of Standards and Technology’s newly unveiled second draft of “version 1.1” of the federal framework of cybersecurity standards refocuses language on cyber metrics to emphasize internal assessments, while eliminating entirely guidance for federal agency adoption and adding new language on vulnerability disclosure, among other changes.
The updated framework addresses concerns raised by industry following the January release of the first draft of version 1.1, which prompted NIST to solicit more feedback on the draft and host...