Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Framework

Helping organizations to better understand and improve their management of cybersecurity risk


Cybersecurity Framework Functions Wheel

Framework Version 1.1

The Cybersecurity Framework is ready to download. 


Learn More


Cyberframework New to Framework Pie

New to Framework

This voluntary Framework consists of standards, guidelines and best practices to manage cybersecurity risk.

Learn More


Cyberframework Online Learning

Online Learning

Intro material for new Framework users to implementation guidance for more advanced Framework users.

Learn More

Latest Updates

  • NIST just released Security Measures for “EO-Critical Software” Use Under Executive Order (EO) 14028 to outline security measures intended to better protect the use of deployed EO-critical software in agencies’ operational environments.
  • A second public draft of NISTIR 8286A is available: "Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management." The comment period is open through August 6, 2021.
  • NIST has released a draft version of NISTIR 8374 - Cybersecurity Framework Profile for Ransomware Risk Management. This profile can be used as a guide to managing the risk of ransomware events. Please submit your comments by July 9th.
  • To highlight our ongoing international engagement, we’ve collected a series of videos that show how our partners across the world are looking at various cybersecurity and privacy issues that we at NIST are also tracking. Check these videos out HERE!

To see more Latest Updates click here


For further information and/or questions about the Cybersecurity Framework