On February 26, 2024, the National Institute of Standards and Technology (NIST) released the long-awaited second version of the Cybersecurity Framework (CSF). Dubbed “CSF 2.0,” it contains a few ...

In this post in our series on basic cybersecurity concepts for lawyers (see here and here for prior posts), we delve into the National Institute of Standards and Technology (NIST) Cybersecurity ...

The NIST Cybersecurity Framework 2.0 is designed to be universally applicable, extending its reach beyond critical infrastructure sectors to encompass all industries. This inclusive approach is a ...

NIST's CSF, used with other guidance, can help map risk to actual threats and better comply with security mandates such as the U.S.'s cybersecurity executive order. The U.S. federal government has ...

The message is that "risk management needs to be elevated to an enterprise-level, with key leadership involvement," Gartner's Katell Thielemann said. NIST is seeking feedback on this draft and the ...

The National Institute of Standards and Technology (NIST) is seeking feedback on their draft Cybersecurity Framework (CSF) 2.0. The release of this public draft is an important milestone for ...

During my conversations with company leaders, I'm often asked how security measures can be improved. Usually, they mean their information security program, but sometimes they mean physical security ...

Emerging NIST guidance suggests that the long-standing practice of treating AI as “just software” for cybersecurity purposes ...

A group of five federal financial regulatory agencies is sunsetting a tool that banks use to assess cybersecurity risks, part of what an Office of the Comptroller of the Currency official said is an ...

To continue reading this content, please enable JavaScript in your browser settings and refresh this page. As cyber threats become more sophisticated and regulatory ...