Version 1.1 of the Framework was published on April 16, 2018. The document has evolved to be even more informative, useful, and inclusive for all kinds of organizations. Version 1.1 is fully compatible with Version 1.0 and remains flexible, voluntary, and cost-effective. Among other refinements and enhancements, the document provides a more comprehensive treatment of identity management and additional description of how to manage supply chain cybersecurity.
The recorded version of the April 27th webcast is available.
Success Stories regarding Framework use / Implementation have been added to the website! Our first Success Story comes from the University of Chicago, check it out HERE!
Start Using the Baldrige Cybersecurity Tool: Here's Help. First, the Information Security Team of the University of Kansas Medical Center (KUMC) began using the Baldrige Cybersecurity Excellence Builder (BCEB) -- which is a voluntary self-assessment tool based on the Cybersecurity Framework. Learn about their experience at: https://www.nist.gov/blogs/blogrige/start-using-baldrige-cybersecurity-tool-heres-help
Also, the next Baldrige Cybersecurity Excellence Builder Workshop, April 8, 8:30-3:30 pm, in Baltimore, MD. It's a practical, interactive workshop on using the Baldrige Cybersecurity Excellence Builder (BCEB). Details at: https://www.nist.gov/baldrige/qe/baldrige-cybersecurity-excellence-builder-workshop
RFC comments received on Draft 2 of Framework Version 1.1 and the Roadmap are now being reviewed. All responses will be published publicly in the coming weeks. NIST appreciates your feedback and as always, any additional comments can be directed to firstname.lastname@example.org(link sends e-mail).
- Two December 2017 webcasts about Framework basics and the proposed updates to Framework and Roadmap are now available for playback.
- A mapping of the Framework Core to NIST SP 800-171 Revision 1 has recently been published. This can be found in Appendix D of the publication(link is external).
- A blog entry on protecting critical infrastructure has been posted. A Framework for Protecting our Critical Infrastructure.
Update on the Cybersecurity Framework July 01, 2015
Update on the Cybersecurity Framework December 05, 2014
Update on the Cybersecurity Framework July 31, 2014
Update on Development of the Cybersecurity Framework January 15, 2014
Update on Development of the Cybersecurity Framework December 04, 2013
Update on Development of the Cybersecurity Framework July 24, 2013
- cyberframework Expand or Collapse
- Framework Expand or Collapse
- New to Framework Expand or Collapse
- Perspectives Expand or Collapse
- Success Stories Expand or Collapse
- Online Learning Expand or Collapse
- Evolution Expand or Collapse
- Frequently Asked Questions Expand or Collapse
- Events and Presentations
- Related Efforts (Roadmap)
- Informative References
- Resources Expand or Collapse
- Newsroom Expand or Collapse
Created February 14, 2018, Updated May 09, 2018