Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
New to Framework
This voluntary Framework consists of standards, guidelines and best practices to manage cybersecurity risk.
Online Learning
Intro material for new Framework users to implementation guidance for more advanced Framework users.
Latest Updates
- Draft NISTIR 8286D, Using Business Impact Analysis to Inform Risk Prioritization and Response, is now available for public comment. This report continues an in-depth discussion of the concepts introduced in NISTIR 8286, Integrating Cybersecurity and Enterprise Risk Management, and provides additional detail regarding the enterprise application of cybersecurity risk information.
- Check out tomorrow's Speaker Series, hosted by the NCCoE, focusing on the development of a Framework Profile for the Liquefied Natural Gas Industry
- The Ransomware Risk Management Profile: Ransomware Risk Management: A Cybersecurity Framework Profile is now final and a quick start guide is available.
- We are excited to announce that the Framework has been translated into Ukrainian!
- NIST has issued an RFI for Evaluating and Improving NIST Cybersecurity Resources - responses are due by April 25, 2022.
- We are excited to announce that the Framework has been translated into French!
To see more Latest Updates click here
Contacts
For further information and/or questions about the Cybersecurity Framework
-
CONTACT: