U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

EVENTS

CSF 2.0 Webinar Series: Deep-Dive into the CSF 2.0 Govern Function to Improve Cybersecurity

Share

CSF 2.0 Webinar Series: Deep-Dive into the CSF 2.0 Govern Function to Improve Cybersecurity

One of the major updates to CSF 2.0 is the creation of the Govern Function, highlighting the importance of ensuring cybersecurity capabilities support the broader mission through Enterprise Risk Management (ERM).

Governance is the process of determining enterprise objectives, setting direction to achieve those objectives, and monitoring performance to adjust strategy as necessary. Risk governance provides the transparency, responsibility, and accountability that enables managers to effectively manage risk. NIST recently updated a series of publications on integration of Cybersecurity and ERM to align with revisions to CSF 2.0, which can be found here: NIST IR 8286.

In the second webinar of NIST’s new multi-part CSF 2.0 webinar series, we will provide a discussion covering:

  • Defining and demystifying governance.
  • The role of the Govern Function in a cybersecurity-focused framework.
  • Strategies for bidirectional communication between cybersecurity practitioners and leadership using best practice governance models.
  • How organizations of all sizes can put cybersecurity governance into practice using the CSF 2.0.
  • How you can use the CSF in conjunction with other NIST publications (such as NIST IR 8286 Parts A-D, SP 800-37r2, etc.) to better integrate cybersecurity and enterprise risk management for governance oversight. 
  • Where to find CSF 2.0 implementation resources in support of cybersecurity governance.

Time will be reserved at the end for audience questions.

Speakers:

  • Julie Chua, Division Chief, Applied Cybersecurity Division, NIST
  • Nahla Ivy, Enterprise Risk Management Officer, Office of Financial Resources Management, NIST
  • Daniel Eliot, Lead for Small Business Engagement, Applied Cybersecurity Division, NIST 
Information technology

Related Video

CSF 2.0 Webinar Series: Implementing CSF 2.0—The Why, What, and How
CSF 2.0 Webinar Series: Implementing CSF 2.0—The Why, What, and How
CSF 2.0 Webinar Series: Implementing CSF 2.0—The Why, What, and How

To address the ever-evolving cybersecurity landscape and equip organizations with information and resources to more quickly and effectively manage cybersecurity risk and improve their cybersecurity posture, NIST published a significant update to the NIST Cybersecurity Framework in 2024—CSF 2.0—the first major update to the framework in 10 years. Throughout the last year, organizations of all sizes and sectors have spent time familiarizing themselves with the CSF 2.0 and many are in the process of upgrading their cybersecurity security posture informed by CSF 2.0. 

In the first episode of NIST’s new multi-part CSF 2.0 webinar series, we provide an overview focused on implementing CSF 2.0, including:

• Why organizations would want to upgrade and how to foster bidirectional cybersecurity risk communications between leadership and practitioners. 
• Practical actions organizations can take to implement the CSF 2.0. 
• What resources are available to assist with implementation.

Speakers:
• Daniel Eliot, Lead for Small Business Engagement, Applied Cybersecurity Division, NIST
• Amy Mahn, International Policy Specialist, Applied Cybersecurity Division, NIST
• Stephen Quinn, Senior Computer Scientist and CSF Project Lead, Computer Security Division, NIST

Created September 3, 2025, Updated September 9, 2025
Was this page helpful?