FYI - Please consider submitting comments before 4 November 2023!
---------- Forwarded message ---------
[from NIST Automotive Security mailing list Tuesday 8 August 2023]
After reviewing more than a year’s worth of community feedback, NIST has
released a Draft of The NIST Cybersecurity Framework 2.0 for public
comment! This draft represents a major update to the CSF—a resource first
released in 2014 to help organizations reduce cybersecurity risk. The draft
update reflects changes in the cybersecurity landscape and makes it easier
to put the CSF into practice for all organizations. The CSF 2.0 draft
reflects several major changes, including: an expanded scope, the addition
of a sixth function, Govern, and improved and expanded guidance on
implementing the CSF—especially for creating profiles.
Today, NIST is also releasing a separate discussion draft of the
Implementation Examples included in the CSF 2.0 Draft Core for public
comment. We will also soon share a new CSF 2.0 Reference Tool, which will
allow users of the CSF 2.0 to download and search the CSF 2.0 Draft Core.
As CSF 2.0 is finalized, the updated Examples and CSF Informative
References will be maintained on the CSF site.
Public comments will be accepted on both of these drafts via
cyberframework at nist.gov until Friday, November 4, 2023; feedback will
inform the development of the final CSF 2.0, which will be published in
early 2024.
Save the Date:
A hybrid Fall workshop will be held on September 19-20, 2023—and will
include options for virtual and in-person attendance—at the NIST National
Cybersecurity Center of Excellence (registration will open soon).The
workshop will serve as another opportunity for the public to provide
feedback and comment on the draft.
Thank you for sharing in our excitement and for being such an important
part of this process. As always, please continue to visit our Journey to
CSF 2.0 website for important news, updates, and documents in the coming
months—and follow us on Twitter via @NISTcyber.
Read the CSF 2.0 Draft
https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDgsInVyaSI6ImJwMjpjbGljayIsInVybCI6Imh0dHBzOi8vY3NyYy5uaXN0Lmdvdi9wdWJzL2Nzd3AvMjkvdGhlLW5pc3QtY3liZXJzZWN1cml0eS1mcmFtZXdvcmstMjAvaXBkIiwiYnVsbGV0aW5faWQiOiIyMDIzMDgwOC44MDgyNDQ2MSJ9.MeV97iCODi1KoIzleskHc3tvZAkynn3Iy1FXC6G4GhU/s/343127688/br/223878359450-l
NIST Cybersecurity and Privacy Program
Questions/Comments about this notice: cyberframework at nist.gov
CSRC Website questions: csrc-inquiry at nist.gov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/pwg-announce/attachments/20230810/549952d4/attachment.html>