On February 26, 2024, the National Institute of Standards and Technology (NIST) released the long-awaited second version of the Cybersecurity Framework (CSF). Dubbed “CSF 2.0,” it contains a few ...

In this post in our series on basic cybersecurity concepts for lawyers (see here and here for prior posts), we delve into the National Institute of Standards and Technology (NIST) Cybersecurity ...

NIST's CSF, used with other guidance, can help map risk to actual threats and better comply with security mandates such as the U.S.'s cybersecurity executive order. The U.S. federal government has ...

Global cyberattacks have risen sharply over the last few years, increasing by 38% in 2022, according to Check Point. Combine this with the increasing cost of a data breach, averaging $9.44 million in ...

NIST seeks comments ahead of the 2024 release of CSF 2.0, which aims to appeal to a broader range of organizations while elevating the importance of corporate governance and more fully addressing ...

The message is that "risk management needs to be elevated to an enterprise-level, with key leadership involvement," Gartner's Katell Thielemann said. NIST is seeking feedback on this draft and the ...

During my conversations with company leaders, I'm often asked how security measures can be improved. Usually, they mean their information security program, but sometimes they mean physical security ...

A GAO report has found that additional actions are needed to establish cybersecurity framework adoption across agencies. GAO found that most of the 16 critical infrastructure sectors took action to ...

To continue reading this content, please enable JavaScript in your browser settings and refresh this page. As cyber threats become more sophisticated and regulatory ...

A group of five federal financial regulatory agencies is sunsetting a tool that banks use to assess cybersecurity risks, part of what an Office of the Comptroller of the Currency official said is an ...

The National Institute of Standards and Technology (NIST) is seeking feedback on their draft Cybersecurity Framework (CSF) 2.0. The release of this public draft is an important milestone for ...