The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
New to Framework
This voluntary Framework consists of standards, guidelines and best practices to manage cybersecurity risk.
Online Learning
Intro material for new Framework users to implementation guidance for more advanced Framework users.
Latest Updates
- Check out the Cybersecurity Framework International Resources [nist.gov] page, where we added a new resource category (Additional Guidance) and another resource (The Coalition to Reduce Cyber Risk's Seamless Security: Elevating Global Cyber Risk Management Through Interoperable Frameworks [static1.squarespace.com]).
-
NIST has released Draft NISTIR 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM), for public comment. This report promotes greater understanding of the relationship between cybersecurity risk management and ERM, and the benefits of integrating those approaches. The public comment period closes on April 20, 2020. See the publication details for a copy of the draft and instructions for submitting comments.
-
NIST has published NISTIR 8170, Approaches for Federal Agencies to Use the Cybersecurity Framework. It provides guidance on how the Cybersecurity Framework can be used in the U.S. Federal Government in conjunction with the current and planned suite of NIST security and privacy risk management publications.
- Given the growing global concern over the spread of the coronavirus (COVID-19), it is in the best interest of the attendees, speakers, and staff to cancel this year’s NIST Advancing Cybersecurity Risk Management Conference. Please stay tuned for future opportunities to engage, including potential virtual events.
- A draft revision of NISTIR 8183, the Cybersecurity Framework (CSF) Manufacturing Profile, has been developed that includes the subcategory enhancements established in NIST's Framework Version 1.1. The public comment period for this document ends May 4, 2020.
- Thank you to all who attended #RSAC2020 and had a chance to chat/interact with our team #NISTatRSAC! If you were unable to attend, be sure to check out the NCCoE session recaps: https://www.nccoe.nist.gov/events/rsa-conference-2020
To see more Latest Updates click here
Contacts
For further information and/or questions about the Cybersecurity Framework
-
CONTACT: