The Framework for Improving Critical Infrastructure Cybersecurity (“The Framework”) provides a prioritized, flexible, repeatable, performance-based, and cost-effective approach to managing cybersecurity risk at all levels in an organization. It is applicable to organizations of all sizes and sectors. The Framework provides a common language for understanding, managing, and expressing cybersecurity risk both internally and externally. It can be used to help identify and prioritize actions for reducing cybersecurity risk, and it is a tool for aligning policy, business, and technological approaches to managing that risk.
The original version of the Framework (version 1.0) was developed in a year-long, collaborative process in which NIST served as a convener for industry, academia, and government stakeholders. This collaboration continues under the direction of the Cybersecurity Enhancement Act of 2014, as NIST works with stakeholders from across the country and around the world to develop and evolve the Framework.
This webcast will provide the audience with a brief history of how the Framework was developed, supply an understanding of basic components of the Framework (Core, Implementation Tiers, and Profiles), demonstrate how the Framework can be used by organizations, highlight the latest features added in version 1.1, and introduce the Framework Roadmap and Industry Resources. The audience will have an opportunity to ask questions during a Q&A session at the end of the presentation.
Join our Twitter chat using #CyberFramework. You may also participate virtually by submitting your questions during the live event using cyberframework [at] nist.gov (cyberframework[at]nist[dot]gov)