Barrett, M.
(2018),
Framework for Improving Critical Infrastructure Cybersecurity Version 1.1, NIST Cybersecurity Framework, [online], https://doi.org/10.6028/NIST.CSWP.04162018, https://www.nist.gov/cyberframework
(Accessed April 20, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Framework for Improving Critical Infrastructure Cybersecurity Version 1.1
Published
Author(s)
Abstract
This publication describes a voluntary risk management framework ("the Framework") that consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Framework's prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security. This release, Version 1.1, includes a number of updates from the original Version 1.0 (from February 2014), including: a new section on self-assessment; expanded explanation of using the Framework for cyber supply chain risk management purposes; refinements to better account for authentication, authorization, and identity proofing; explanation of the relationship between implementation tiers and profiles; and consideration of coordinated vulnerability disclosure. Complete information about the Framework is available at https://www.nist.gov/cyberframework.Citation
NIST Cybersecurity Framework
Pub Weblink
Pub Type
Websites
Download Paper
Keywords
critical infrastructure, cybersecurity, cybersecurity framework, risk management
Citation
Created April 16, 2018, Updated January 27, 2020