The Introduction to the Framework Roadmap learning module seeks to inform readers about what the Framework Roadmap is, how it relates to the Framework, and what the Roadmap Areas are.
Introduction to the Roadmap
The Roadmap is a companion document to the Cybersecurity Framework. The Roadmap, while not exhaustive in describing all planned activities within NIST, identifies key activities planned for improving and enhancing the Cybersecurity Framework. While the Roadmap is focused on activities around the Cybersecurity Framework, the results of work described in the Roadmap are expected to be useful to a broader audience to improve cybersecurity risk management.
Roadmap Areas for Development
The Roadmap continues to evolve with the Cybersecurity Framework. Roadmap version 1.1 identifies fourteen high-priority areas for development, alignment, and collaboration.
The fourteen areas are:
- Confidence Mechanisms
- Cyber-Attack Lifecycle
- Cybersecurity Workforce
- Cyber Supply Chain Risk Management
- Federal Agency Cybersecurity Alignment
- Governance and Enterprise Risk Management
- Identity Management
- International Aspects, Impacts, and Alignment
- Measuring Cybersecurity
- Privacy Engineering
- Referencing Techniques
- Small Business Awareness and Resources
- Internet of Things (IoT)
- Secure Software Development
More information regarding each of these areas is included within the Roadmap located at Framework - Related Efforts.