The U.S. National Institute of Standards and Technology (NIST) has recently published a discussion draft as part of its plans to update the current version of its Cybersecurity Framework (CSF)
Published for public comment, the preliminary discussion draft, titled “Discussion Draft of the NIST Cybersecurity Framework 2.0 Core,” includes planned updates to the core elements of the framework presented in CSF 1.1. It specifically addresses cybersecurity outcomes across 6 Functions, 21 Categories, and 112 Subcategories, and includes new informative examples. The goal of the proposed changes is to help increase the clarity of the CSF and to bring the updated version in closer alignment with national and international cybersecurity standards and practices.
NIST says that public comments on the discussion draft will be incorporated into a draft version of CSF 2.0, which is expected to be released later this year.
NIST’s cybersecurity discussion draft is available for review.
Comments and other feedback on the draft can be submitted to cyberframework@nist.gov.