Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
CSF 2.0 Profiles
Templates and useful resources for creating and using both CSF profiles
Videos
Latest Updates
- NIST has finalized Special Publication (SP) 800-70r5 (Revision 5), National Checklist Program for IT Products – Guidelines for Checklist Users and Developers. The update includes an appendix with enhanced mapping concepts between checklist settings, NIST Cybersecurity Framework (CSF) 2.0 outcomes, SP 800-53 controls, and Common Configuration Enumeration (CCE) identifiers for evidence-ready automation and reporting.
- The NIST National Cybersecurity Center of Excellence (NCCoE) seeks comments on draft NIST Internal Report (IR) 8323 Revision 2, Foundational PNT Profile: Applying the Cybersecurity Framework (CSF) for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services. The comment period closes July 6, 2026.
- Upcoming Event: Data Governance and Management Profile – Virtual Working Session 2
- Upcoming Event: Spring 2026 CSF 2.0 Cyber AI Profile Virtual Working Sessions
- Open for public comment until May 6, 2026: CSF 2.0 Informative References Quick‑Start Guide. This draft explains how to find, filter, and apply informative references using NIST tools. Review and submit comments here.
- The final version of NIST Cybersecurity Framework 2.0: Cybersecurity, Enterprise Risk Management, and Workforce Management Quick-Start Guide (SP 1308) is now available.
- February 24, 2026: Celebrating Two Years of CSF 2.0! View the anniversary blog.
Credit:
NIST
Contacts
For further information and/or questions about the Cybersecurity Framework
-
CONTACT: