Announcing Support for NIST CSF 2.0 in CyberHQ® less than 12 hours from its release

February 27, 2024

The National Institute of Standards and Technology (NIST) released the latest iteration of its landmark Cybersecurity Framework, NIST CSF 2.0 today. This represents a significant milestone in the ongoing effort to strengthen cybersecurity practices across industries. We are proud to announce that within 12 hours of release, we have added support for the new framework in CyberHQ®.

A number of Avertro customers have already been utilizing the draft version of CSF 2.0 since August 2023. They now have access to the official released version.

By expanding its scope, enhancing its focus on governance, and providing practical resources for implementation, NIST CSF 2.0 equips organizations with the tools they need to navigate an increasingly complex threat landscape.

Here are some key differences between 1.1 and 2.0:

1. Expanded Scope:

  • 1.1: Primarily focused on risk management and cybersecurity practices.
  • 2.0: Broadened scope to highlight the importance of cyber governance.

2. Emphasis on Supply Chain Security:

  • 1.1: Foundational inclusion of supply chain risk management.
  • 2.0: Places a heightened emphasis on assessing and mitigating risks within the supply chain, reflecting the growing awareness of the interconnected nature of modern digital ecosystems.

3. Integration of Privacy Considerations:

  • 1.1: Limited focus on privacy.
  • 2.0: Enhanced privacy considerations, aligning with the increasing regulatory focus on data privacy and protection.

4. Enhanced Guidance for Measuring Cybersecurity:

  • 1.1: Provided minimal guidance on measuring the effectiveness of cybersecurity efforts.
  • 2.0: Introduces a dedicated section on cybersecurity measurement, offering organizations actionable guidance on assessing and improving their cybersecurity posture.

5. Modular Structure:

  • 1.1: Followed a linear, step-by-step approach.
  • 2.0: Adopts a modular structure, allowing organizations to tailor the framework to their specific needs and priorities more effectively.

6. Integration of Feedback and Stakeholder Input:

  • 1.1: Developed with input from industry stakeholders.
  • 2.0: Builds upon this foundation by incorporating feedback from public workshops and requests for comment, ensuring that the framework remains relevant and responsive to evolving cybersecurity challenges.

NIST Cybersecurity Framework 2.0 represents a significant step forward in empowering organizations to strengthen their cybersecurity posture through robust governance practices. By providing comprehensive guidance and addressing emerging threats, the framework equips organizations across all sectors to navigate the complex and evolving cybersecurity landscape effectively.

Farrell Tirtadinata

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.