https://www.nist.gov/news-events/news/2024/02/nist-releases-version-20-landmark-cybersecurity-framework
Since the release of CSF ver 1.2, the agency has been working on the major update and it has been finally released as version 2.0
In my view, the significant distinction lies in version 2.0’s broader scope, which caters to all industry sectors and organization types, spanning from small businesses and non-profits to the largest agencies and corporations, irrespective of their cybersecurity maturity. Additionally, this version addresses the previously overlooked aspect of “Governance.” A framework cannot be deemed comprehensive without sufficient governance controls. Moreover, the incorporation of IoT, OT, and AI alongside Information and Communications Technology is praiseworthy.
What do you think?
Leave a Reply