The National Institute of Standards and Technology (NIST) has issued a draft update (PDF) to the Framework for Improving Critical Infrastructure Cybersecurity—also known as the Cybersecurity Framework.
Providing new details on managing cyber supply chain risks, clarifying key terms, and introducing measurement methods for cybersecurity, the updated framework aims to further develop NIST’s voluntary guidance to organizations on reducing cybersecurity risks.
The Cybersecurity Framework was published in February 2014 following a collaborative process involving industry, academia and government agencies, as directed by a presidential executive order.
The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation’s critical infrastructure, such as bridges and the electric power grid, but the framework has been widely adopted by many types of organizations across the country and around the world. The Cybersecurity Enhancement Act of 2014 calls for NIST to continue its work on the framework.
But How Do You Keep Track Of These Hundreds Of Controls?
Here is a great way to get through audits in half the time and at half the cost. The KnowBe4 Compliance Manager (KCM) simplifies the complexity of getting compliant and eases your burden of staying compliant year round:
- Quick Implementation with Compliance Templates - Pre-built requirements templates for the most widely used regulations like NIST
- Enable Users to Get the Job Done - You can assign responsibility for controls to the users who are responsible for maintaining them.
- Dashboards with Automated Reminders - Quickly see what tasks have been completed, not met, and past due. With automated email reminders, your users can stay ahead of any gaps in compliance.
See for yourself how you can minimize the busy work associated with audits and compliance, and how easy this becomes using KCM. Request a demo:
Photo Credit: N. Hanacek/NIST and ©bluebay/Shutterstock