- cyberframework Expand or Collapse
- Cybersecurity Framework (PDF)
- Cybersecurity Framework (Excel)
- Draft Version 1.1
- Industry Resources
- Frequently Asked Questions
- Events and Presentations
- CSF Reference Tool
- Additional Information Expand or Collapse
On January 10, 2017, NIST released proposed updates to Cybersecurity Framework. This draft Version 1.1 of the Cybersecurity Framework seeks to clarify, refine, and enhance the Framework. Updates were derived from feedback NIST received since publication of Cybersecurity Framework Version 1.0, including responses to a December 2015 RFI entitled Views on the Framework for Improving Critical Infrastructure Cybersecurity and discourse at Cybersecurity Framework Workshop 2016. Per the Federal Register Notice published on January 25th, 2017, feedback and comments should be directed to firstname.lastname@example.org by April 10th, 2017. See the recently expanded Frequently Asked Questions for more information about the proposed update and the path ahead.
RSA USA 2017 Framework Events:
- Booth Hours: 1-2PM Thursday, 16 February 2017 at booth S2815
- Panel: 8AM Thursday, 16 February - The NIST Cybersecurity Framework: Who, What, Where?
- Panel: 2:45PM Thursday, 16 February - Cybersecurity Framework Draft Version 1.1: Success on the Road Ahead
NIST Framework Webinars – On 1 March, NIST is hosting four Webinars. Two are meant for people who want to understand Framework basics, and two are meant for people who want to know more about the proposed update. Registration is open now.
Cybersecurity professionals talk about what the Cybersecurity Framework means to their organizations. The Framework, which was created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.
Above, you can also view a brief animated video, which features additional cybersecurity professionals talking about what the framework means to their organizations. These experts from Intel, Microsoft, Telos, the U.S. Chamber of Commerce and the National Restaurant Association worked with NIST, other agencies and industry and academia to develop the framework. Like the framework itself, the video is not only for those in the trenches of cybersecurity, but also those in the C-suite, who make funding and business decisions that affect cybersecurity.