Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
CSF 2.0 Profiles
Templates and useful resources for creating and using both CSF profiles
Videos
Latest Updates
- Seeking comments through November 17, 2025: The NIST Internal Report (IR) 8183 Revision 2, Cybersecurity Framework Version 2.0 Manufacturing Profile. The Profile is structured around the NIST CSF 2.0 Functions: Govern, Identify, Protect, Detect, Respond, and Recover. These Functions form the basis for prioritizing cybersecurity outcomes tailored to the manufacturing sector, enabling manufacturers to align their cybersecurity efforts with business needs, risk tolerance, and available resources.
- On July 25, 2025, NIST launched the CSF 2.0 Resources page to list publicly available resources submitted by the CSF 2.0 user community. Resource topics include educational materials, examples of use, tools, and informative references. Visit the CSF 2.0 Resources page to learn more about evaluation criteria and how you can submit a resource.
- On July 18, 2025, NIST published a mapping of the Cybersecurity Framework (CSF) 2.0 to Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations (800 171 Rev. 3) (status: draft) to our Online Informative References (OLIR) catalog. The mapping is between functions and categories in the CSF 2.0 and the NIST SP 800-171 Rev. 3 Controlled Unclassified Information (CUI) requirements.
- On May 30, 2025, ISO/IEC-27001:2022-to-Cybersecurity-Framework-v2.0 Informative Reference Details (status: final) was posted to the NIST OLIR (Online Informative References) catalog.
Contacts
For further information and/or questions about the Cybersecurity Framework
-
CONTACT: