NIST aims to issue finalized updated cyber framework in fall, continues work on mapping

SAN FRANCISCO – The National Institute of Standards and Technology is planning to issue a finalized 1.1 version of the cybersecurity framework by the fall, hosting a workshop to engage stakeholders tentatively planned for May and continuing to develop “profiles” mapping the standards.

NIST issued in January a draft version of the updated framework, which introduces provisions on securing the supply chain, identity controls, and measuring the business impact of the framework's use.

Donna Dodson, NIST's chief cybersecurity adviser, laid...