Resources relevant for international organizations and governments of other nations. NIST has not verified the accuracy of translations of the Cybersecurity Framework.
Here in the Information Technology Laboratory (ITL) at NIST, we value the international engagement we have on our various cybersecurity and privacy efforts. Our programs and resources have benefitted from discussions with international stakeholders through increased communication and coordination, additional information sharing opportunities, and valuable idea exchange.
We encourage international participation at all stages in the development and evolution our programs. The feedback we receive—and lessons learned from international adaptation and implementation—helps us as we update and refine our resources. International engagement will remain an important focus for us and we welcome the chance to keep highlighting these perspectives that underline the important conversations we will continue to have with our partners around the world.
To help highlight this important ongoing engagement, we’ve collected a series of videos that show how our partners across the world are looking at various cybersecurity and privacy issues that we at NIST are also tracking. We value these insights and appreciate understanding how our partners are thinking about these issues (as well as how some have utilized our NIST resources).
If you are interested in submitting a perspectives video for this collection, please contact amy.mahn [at] nist.gov. We look forward to continued conversations on these important topics!
These videos were not developed by NIST. Some include captioning from the points of contact, and NIST has included a closed captioning option for each video and English translation as needed.
A direct, literal translation of the language of Version 1.0 or 1.1 of the Framework. No content or language is altered in a translation.
Translated by Andrii Paziuk - Ukrainian Academy of Cybersecurity, uacs.kiev.ua - with the support of the U.S. Embassy in Ukraine. Reviewed by Oleksandr Bolshov and Diplomatic Language Services. Official U.S. Government translation.
A version of the Framework that substantially references language and content from Version 1.0 or 1.1 but incorporates new, original content. An adaptation can be in any language.
Israel’sCyber Defense Doctrine 2.0
(The purpose of the Defense Doctrine is to present to the Israeli economy an orderly professional method for managing cyber risks in the organization.)
Italy'sNational Framework for Cyber Security(Documents available in Italian andEnglish) (A strategy, which derives much of its content from Version 1 of the Cybersecurity Framework, aims to provide organizations a homogeneous and voluntary approach to manage cybersecurity risks.)
Scotland's Public Sector Action Plan 2017-2018 (This adaptation, the “Safe, Secure and Prosperous: A Cyber Resilience Strategy for Scotland” Public Sector Action Plan 2017-2018, was developed in partnership by the Scottish Government and the National Cyber Resilience Leaders’ Board (NCRLB). This adaptation sets out the key actions that the Scottish Government, public bodies and key partners will take up to the end of 2018 to further enhance cyber resilience in Scotland’s public sector.)
Uruguay's Cybersecurity Framework v4.0 (Page not in English) (A Framework produced by the Agency Electronic Government and Information Society and Knowledge (AGESIC) within the Government of Uruguay.)
Baltic and International Maritime Council (BIMCO) Ship Guidelines The Guidelines on Cyber Security Onboard Ships (Developed by several international organizations, this resource is a set of guidelines designed to assist companies in formulating their own approaches to cyber risk management onboard ships.)
Switzerland's Information and Communications Technology (ICT) Minimum Standard (Page Not in English) (This minimum standard was developed by Switzerland’s Federal Office for National Economic Supply (FONES). The Minimum ICT Standard serves as a recommendation and potential guide to improving ICT resilience. While it is aimed in particular at operators of critical infrastructures, it is applicable to any business or organization and is freely available.)
United Kingdom’s Cabinet Office Minimum Cyber Security Standard (A minimum standard developed in collaboration with the UK government and National Cyber Security Centre (NCSC). This document defines the minimum security measures that UK Departments shall implement with regards to protecting their information, technology and digital services to meet their SPF and National Cyber Security Strategy obligations. The SPF provides mandatory protective security outcomes that all Departments are required to achieve.)
United Kingdom’s National Cyber Security Centre NIS Guidance Collection (A set of guidance from the UK National Cyber Security Centre (NCSC) and Department of Culture, Media and Sport (DCMS) for meeting requirements for the Network and Information Systems (NIS) Directive.)
United Nations' International Maritime Organization Guidelines on Maritime Cyber Risk (These guidelines provide high-level recommendations on maritime cyber risk management to safeguard shipping from current and emerging cyber threats and vulnerabilities.)