Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
New to Framework
This voluntary Framework consists of standards, guidelines and best practices to manage cybersecurity risk.
Online Learning
Intro material for new Framework users to implementation guidance for more advanced Framework users.
Latest Updates
- See our latest Success Story featuring how the Lower Colorado River Authority (LCRA) [nist.gov] implemented a risk-based approach to the CSF and tailored it to meet their unique needs.
- NIST has released a Cybersecurity White Paper, Benefits of an Updated Mapping Between the NIST Cybersecurity Framework and the NERC Critical Infrastructure Protection Standards, which describes a recent mapping initiative between the NERC CIP standards and the NIST Cybersecurity Framework. In addition, a mapping is available to show which Cybersecurity Framework Subcategories can help organizations achieve a more mature CIP requirement compliance program.
- NIST has released a draft ransomware risk management profile, The Cybersecurity Framework Profile for Ransomware Risk Management, Draft NISTIR 8374, which is now open for comment through October 8, 2021.
- Draft NISTIR 8286B, Prioritizing Cybersecurity Risk for Enterprise Risk Management, is now available for public comment! This report continues an in-depth discussion of the concepts introduced in NISTIR 8286, Integrating Cybersecurity and Enterprise Risk Management, with a focus on the use of enterprise objectives to prioritize, optimize, and respond to cybersecurity risks.
- NIST just released Security Measures for “EO-Critical Software” Use Under Executive Order (EO) 14028 to outline security measures intended to better protect the use of deployed EO-critical software in agencies’ operational environments.
- To highlight our ongoing international engagement, we’ve collected a series of videos that show how our partners across the world are looking at various cybersecurity and privacy issues that we at NIST are also tracking. Check these videos out HERE!
To see more Latest Updates click here
Contacts
For further information and/or questions about the Cybersecurity Framework
-
CONTACT: