Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Updating the NIST Cybersecurity Framework – Journey To CSF 2.0
Update to CSF | How to Engage | Fact Sheet | FAQs
Overview
The NIST Cybersecurity Framework was intended to be a living document that is refined, improved, and evolves over time. These updates help the Framework keep pace with technology and threat trends, integrate lessons learned, and move best practice to common practice. NIST initially produced the Framework in 2014 and updated it in April 2018 with CSF 1.1. Based on stakeholder feedback, in order to reflect the ever-evolving cybersecurity landscape and to help organizations more easily and effectively manage cybersecurity risk, NIST is planning a new, more significant update to the Framework: CSF 2.0.
NIST intends to continue to rely on and seek stakeholder feedback throughout the process. This will include public webinars and workshops, as well as seeking feedback on at least one CSF 2.0 draft.
Update Progress
Cybersecurity Request for Information
- Request for Information (RFI), “Evaluating and Improving NIST Cybersecurity Resources: The Cybersecurity Framework and Cybersecurity Supply Chain Risk Management.”(February 2022)
- RFI Comments Received
- NIST Summary Analysis of RFI Responses (June 2022)
Webinars and Workshops
Please stay tuned!
CSF 2.0 Drafts
Please stay tuned!