The U.S. National Institute of Standards and Technology (NIST) has released two new quick start guides to support organizations in their adoption of NIST’s Cybersecurity Framework 2.0.
Published at the end of March, the final version of SP 1308, “NIST Cybersecurity Framework 2.0: Enterprise Risk Management and Workforce Management Quick Start Guide,” applies widely adopted concepts and practices of risk management to help organizations foster more effective communications about cybersecurity risks and implement informed solutions.
Concurrently, NIST has also released for public review and comment a draft version of SP 1347, “CSF 2.0: Informative Reference Quick Start Guide.” This Quick Start Guide provides organizations with helpful reference information about CSF 2.0, as well as information about NIST tools to access that information.
The final version of SP 1308 on risk management is available at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1308.pdf. The initial public draft of SP 1347 on informative cybersecurity references is available at https://csrc.nist.gov/pubs/sp/1347/ipd. Public comment on the draft of SP 1347 can be made through May 6th.