登录查看更多内容

NIST Cybersecurity Framework 2.0

IMRAN RASHEED

Cyber Security Consultant | Auditor | Risk Assessment | SOC | VAPT| C-CISO | CISSP |

发布日期: 2024年3月2日

The CSF 2.0, which supports the implementation of the National Cybersecurity Strategy, has an expanded scope that goes beyond protecting critical infrastructure, such as hospitals and power plants, to all organisations in any sector.

The CSF's governance component emphasises that cybersecurity is a significant source of enterprise risk that senior leaders should consider alongside finance and reputation.

The framework's core is now organised around six essential functions: Identify, Protect, Detect, Respond and Recover, and CSF 2.0's newly added Govern function.

When considered together, these functions provide a comprehensive view of the life cycle for managing cybersecurity risk.

The updated framework anticipates organisations coming to the CSF with varying needs and degrees of experience implementing cybersecurity tools.

NIST is precisely the sort of respected organisation to do this correctly.

News URL

https://www.schneier.com/blog/archives/2024/03/nist-cybersecurity-framework-2-0.html

Cybersecurity for CEOs

333 位关注者

要查看或添加评论，请登录

IMRAN RASHEED的更多文章

PwC Urges Boards to Give CISOs a Seat at the Table

2024年9月30日

PwC Urges Boards to Give CISOs a Seat at the Table

According to PwC, cyber-resilience efforts must catch up among global organizations, partly because they fail to…
Human risk factors remain outside of cybersecurity pros’ control.

2024年3月16日

Human risk factors remain outside of cybersecurity pros’ control.

With new threats like AI and deepfake technology, the stakes are higher than ever to execute a robust cyber defence…
GhostRace – New Data Leak Vulnerability Affects Modern CPUs

2024年3月16日

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting…
BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks

2024年3月11日

BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks

The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity…
Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

2024年3月9日

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear)…
Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks.

2024年3月7日

Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks.

As part of the attack, threat actors used QEMU to create virtual network interfaces and a socket-type network device to…
Organisations are knowingly releasing vulnerable applications.

2024年3月7日

Organisations are knowingly releasing vulnerable applications.

According to Checkmarx, 92% of companies had experienced a breach in the prior year due to vulnerabilities of…
Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

2024年3月7日

Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails to steal NT LAN…
BlackCat ransomware shuts down in exit scam, blames the "feds"

2024年3月7日

BlackCat ransomware shuts down in exit scam, blames the "feds"

The BlackCat ransomware gang is pulling an exit scam, trying to shut down and run off with affiliates' money by…
Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams

2024年3月7日

Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams

A new DNS threat actor, Savvy Seahorse, is leveraging sophisticated techniques to entice targets into fake investment…

See all articles

NIST Cybersecurity Framework 2.0

IMRAN RASHEED

Cyber Security Consultant | Auditor | Risk Assessment | SOC | VAPT| C-CISO | CISSP |

News URL

Cybersecurity for CEOs

333 位关注者

IMRAN RASHEED的更多文章

社区洞察

其他会员也浏览了

Essential CMMC Resources Before 2025 Implementation

Changing Regulations

New week, new threat

Secure by Design - Best practices to keep your organisation safe

Week 35 of 2024

SecurityMetrics is proud to join the NIST Small Business Cybersecurity Community of Interest

Incident Response Plan and Incident Handling Phase 1: Preparation

The Cost Analysis and Return on Investment of Complying with NIST and CMMC Standards

Jenga is Tricky Enough Without Making it Even Harder

News URL

Cybersecurity for CEOs

333 位关注者

IMRAN RASHEED的更多文章

PwC Urges Boards to Give CISOs a Seat at the Table

Human risk factors remain outside of cybersecurity pros’ control.

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks.

Organisations are knowingly releasing vulnerable applications.

Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

BlackCat ransomware shuts down in exit scam, blames the "feds"

Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams

社区洞察

其他会员也浏览了

Essential CMMC Resources Before 2025 Implementation

Changing Regulations

New week, new threat

Secure by Design - Best practices to keep your organisation safe

Week 35 of 2024

SecurityMetrics is proud to join the NIST Small Business Cybersecurity Community of Interest

Incident Response Plan and Incident Handling Phase 1: Preparation

The Cost Analysis and Return on Investment of Complying with NIST and CMMC Standards

Jenga is Tricky Enough Without Making it Even Harder