NIST proposes category revisions as part of cybersecurity framework update to address supply chain, vulnerabilities

SAN FRANCISO. Officials leading the NIST effort to update the cybersecurity framework detailed changes proposed in the recently released “discussion draft” core publication here at the RSA conference, including shifting categories in various functions and a call for feedback on implementation examples.

The “discussion draft” core makes “significant changes” to the CSF but the “structure remains the same,” NIST CSF program lead Cheri Pascoe said Thursday during a presentation on the framework. She was joined by NIST international...