The National Institute of Standards and Technology (NIST) will soon release an updated draft of the existing U.S. cybersecurity framework. Mandated by the White House and Congress, the draft of the NIST Cybersecurity Framework (CSF) 2.0 will present a more agile and adaptive version to account for existing and emerging technologies. Through November 2023, NIST is accepting public comment on CSF 2.0, which is a tremendous undertaking after years of maintaining the same guidance. Since its inception in 2014, the CSF has played a pivotal role in assisting organizations worldwide in managing and mitigating cybersecurity risks. As threats to the online landscape continually evolve, NIST is diligently committed to ensuring the continued protection of both critical and non-critical infrastructure of all organizations across the U.S.
With emerging technologies like artificial intelligence better enabling hackers, and other online threats, including more sophisticated malware and ransomware, the CSF 2.0 will require some future proofing, along with continued dialogue around how to involve more organizations, including small to medium-sized businesses, in efforts that enable greater online security governance, protocols, and practices. Further, the CSF 2.0 will be of interest to global actors; the current framework has been downloaded millions of times. In remembrance of 9/11, having resilient cybersecurity infrastructure and related resources will better protect the assets of government, and other organizations, including universities, small to large businesses, and even nonprofit organizations – an ecosystem that will expand in the forthcoming CSF 2.0 draft.
In this episode of the TechTank Podcast, co-Host Nicol Turner Lee explores some of the new refreshed elements of the existing CSF with Cherilyn Pascoe, Director of the National Cybersecurity Center of Excellence at NIST. Together, they discuss the national priorities surrounding the CSF 2.0, its goals and objectives, audiences, outcomes, and how the agency will continue to gather feedback on the recent updates to the NIST framework.