If your organization hasn’t adopted the National Institute of Standards and Technology Cybersecurity Framework 2.0 (NIST CSF 2.0), you should consider doing so. The NIST CSF 1.0, a set of guidelines and best practices to manage and reduce cybersecurity risks was created by executive order in 2013 and is mandatory for US federal agencies. The first NIST CSF has been widely adopted by many types of organizations worldwide. NIST CSF 2.0 is designed for all organizations, from large to small and across industry sectors. The NIST CSF 2.0 contains some important changes, including: A new Govern function that consolidates Governance, Risk, and Compliance (GRC) categories, demonstrates its importance, and expands supply chain risk focus. * Implementation Tiers have been revised as “CSF Tiers,” intended for formal use as a maturity model. * Implementation examples now provide consistent demonstrations of controls applicable to each category. * Organizational Profiles now allow organizations to more easily demonstrate their current and planned level of cybersecurity maturity. * Self-assessment tools, Quick Start Guides, and Community Profiles facilitate the use of the Framework. NIST CSF 2.0 is a critical tool for organizations working to improve their cybersecurity posture. If you want to learn more, check out our on-demand webinar with CISO Anthony Bolan to learn how it will impact you. Learn about the new recommendations in NIST CSF 2.0 for governance and risk management, how to use the CSF to improve your security program now, and when you should plan for an assessment. Watch: https://lnkd.in/gid7_ptP #NIST #NIST2 #Cybersecurity #Compliance
