NIST cybersecurity framework 2.0 was just released – what do you think of the update so far?

1.5k viewscircle icon5 Comments
Sort by:
Cyber risk / cyber insurance professional, CMO in Software2 years ago

The addition of "GOVERN" as a first step is welcome. There is a need to help executive understand cyber risk challenges better and cybersecurity needs to be elevated to a business topic. 
GOVERN is a starting point where some attention will need to be placed on Cyber Risk which is a starting point to better allocate cybersecurity effort. You can't solve all vulnerabilities but if you know where you're most at risk you can make better informed decision on how to allocate resources. 

CISO in Healthcare and Biotech2 years ago

CSF 2.0 is now available to organizations beyond critical infrastructure, providing support to all. Its focus is on governance and supply chain risks, and it includes helpful resources such as quick-start guides and a tailored implementation reference catalog. The framework encourages organizations to share their cybersecurity experiences with the community and is an effective way to manage risks.

Cyber risk / cyber insurance professional, CMO in Software2 years ago

The addition of Govern as a first step will really help bridge the gap between cybersecurity as a technology topic and the need for business to understand and manage cyber risk with financial metrics. 

Lightbulb on1
CISO in Education2 years ago

The addition of Governance is long overdue!  

Senior VP & CISO2 years ago

Love the add of Governance

Content you might like

Analytics platforms to automate the detection of threats across endpoints, networks, and identities.63%

Solutions to automate the response to threats across endpoints, networks, and other systems.52%

None of the above1%

View Results

Yes, every year!24%

Yes, most years64%

No, but we might start next year9%

No2%

View Results