What's New in NIST's Cybersecurity Framework 2.0?
Fortra, Tuesday, April 2nd, 2024
The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) was published in 2014 for the purpose of providing cybersecurity guidance for organizations in critical infrastructure.
In the intervening years, much has changed about the threat landscape, the kinds of technology that organizations use, and the ways that operational technology (OT) and information technology (IT) work and interact.
In an effort to update NIST CSF for a broader and more current audience, the agency has finalized and released CSF 2.0, the first major change to the CSF. There are extensive changes between CSF 1.1 and CSF 2.0, including a fundamental shift in what the tool has the ability to do. The key changes outlined in CSF 2.0 are explored below.