[2/27/24, 11:00 AM EST] CSRC has been experiencing technical issues. If you are unable to access a CSRC page or resource, or get a 503 error, please try reloading the page several times--it may help to wait a few minutes before trying again. We apologize for the inconvenience, and hope to have a solution in place next week.
The NIST Cybersecurity Framework (CSF) 2.0, along with its supplementary resources, can be used by organizations to understand, assess, prioritize, and communicate cybersecurity risks.
It is particularly useful for fostering internal and external communication at all levels (including across internal teams, from the C-Suite through middle management—and to those carrying out daily cybersecurity responsibilities). The CSF also seeks to improve communication with suppliers and partners and is intended to help organizations integrate cybersecurity-related issues with broader enterprise risk management strategies.
For overviews of the CSF 2.0 release, read our blog post and news article.
More about the CSF 2.0
Questions or comments about the CSF 2.0? Send them to cyberframework@nist.gov. You can also follow us on X via @NISTcyber to stay updated.
Security and Privacy: general security & privacy, risk management
Applications: cybersecurity framework
Activities and Products: quick start guides, reference materials