The National Institute of Standards and Technology on Monday released a much-anticipated update to its Cybersecurity Framework, which provides organizations with guidelines for implementing cybersecurity practices. Updates in Version 1.1 include refreshed guidelines on authentication and identity; cyber risk self-assessments; managing supply chain cybersecurity; and vulnerability disclosure. “This update refines, clarifies and enhances Version 1.0,” said Matt Barrett, program manager for the framework, in the release. “It is still flexible to meet an individual organization’s business or mission needs, and applies to a wide range of technology environments such as information technology, industrial control systems and the Internet of Things.” President Donald Trump issued an executive order in May 2017 directing all federal agencies to use the Cybersecurity Framework, including future versions, to manage cybersecurity risk. Beyond that, the framework also serves as reference point for the private sector. “First, business leaders and policymakers view the Framework as a pillar for managing enterprise […]
The post NIST releases updated cybersecurity framework appeared first on Cyberscoop.
Continue reading NIST releases updated cybersecurity framework→