As part of its ongoing effort to stay current with the ever-changing cybersecurity landscape, the National Institute of Standards and Technology (NIST) is seeking public comments on its plans to overhaul its Cybersecurity Framework (CSF).
NIST’s CSF, formally known as “Framework for Improving Critical Infrastructure Cybersecurity,” was originally published in 2014 and most recently updated in 2018. NIST is currently seeking input on three main areas of the CSF, including:
- How the CSF is being used, what aspects of the Framework are working, and what aspect would benefit from changes;
- Suggestions on how to increase the alignment between the CSF and other NIST and non-NIST cybersecurity guidance documents and resources; and
- Comments on current cybersecurity issues related to supply chains and how to harmonize the CSF with NIST’s National Initiative for Improving Cybersecurity in Supply Chains
Comments in response to the NIST Request for Information are due by April 25th and can be submitted by email to SCRM-RFI@nist.gov. Commenters are asked to cite “RFI: Evaluating and Improving Cybersecurity Resources: The Cybersecurity Framework and Cybersecurity Supply Chain Risk Management,” in their correspondence.