After ten years of working under the original model, and two years of working on revising it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF).
What changed? – NIST Cybersecurity Framework 2.0
Unlike the original, which was designed with critical infrastructure sectors in mind, CSF 2.0's scope has expanded to appropriate security tips for organizations in all sectors and of all sizes "regardless of their level of cybersecurity sophistication," NIST said.
For those unfamiliar with the CSF, it is a set of best practices and recommendations from NIST to help organizations improve their cybersecurity posture and increase organizational awareness of how to operate securely.
Along with broadening its scope, the new CSF [PDF] goes beyond being a best practices recommendation document, said NIST Director Laurie Locascio.