Cybersecurity Compliance
NIST Releases First Updates to Its Cybersecurity Framework Since 2014
Why This Announcement Is Important
The National Institute of Standards and Technology (NIST) has updated its cybersecurity framework for the first time since its original release in 2014, aiming to help all organizations, not just those in “critical infrastructure,” recognizing the extent of the threat cybercrime poses to the economy.
Overview
NIST’s Cybersecurity Framework (CSF), first issued in 2014, has long served as a primary source of guidance for reducing cybersecurity risk. Originally intended to help the nation's financial, energy, health care and other critical systems better protect their information and physical assets from cyberattack, NIST’s initial CSF provided a system that organizations, regulators, and customers could use to create, assess, and improve cybersecurity programs. The framework gave organizations principles and best practices to manage the data risks associated with cybercrime cost-effectively without unduly burdening businesses. CSF 1.0 was translated into 13 languages and widely used internationally to implement cybersecurity best practices.
Recognizing that cybercrime perpetrated against any organization—not just critical infrastructure—posed significant risks to the US economy, the NIST CSF 2.0 expands its scope to included all audiences, industry sectors, and organization types from the smallest schools and non-profits to large government agencies and corporations. The CSF emphasizes that cybersecurity is a major source of enterprise risk that senior leaders must consider alongside finances and reputation.
What It Covers
NIST Director Laurie E. Locasio explained that CSF 2.0 “is about a suite of resources that can be customized and used individually or in combination over time as an organization’s cybersecurity needs change and its capabilities evolve.” It contains:
- Implementation examples with actionable steps organizations can take to achieved desired outcomes
- Quick start guides for organizations with specific goals
- Mappings that show how different elements of NIST’s work are related and share themes
Additional elements of the framework include tools to help organizations implement the CSF, fine specific key elements of its guidance, a catalog of resources that correspond to elements of the CSF, and Cybersecurity and Privacy Reference Tool (CPRT), which contains an interrelated, browsable and downloadable set of NIST guidance documents that contextualizes these NIST resources, including the CSF, with other popular resources. It offers ways to communicate these ideas to both technical experts and the C-suite, so that all levels of an organization can stay coordinated.
It is important to leverage resources like the NIST Cybersecurity Framework and CISA Incident Response and Vulnerability playbooks before an event occurs. While digital forensic investigations often occur after the initial incident response, forensic technologies, workflows, and communication standards can and should be integrated with these resources in mind to provide higher quality investigations and enhanced learning and preparation to prevent or limit the next breach. Remote forensic agents that communicate with SOAR/SIEM solutions and are connected with automation provide the most security, give forensic teams with the most power to react in the event of a breach, and demonstrate good faith efforts to comply with data protection requirements.
Data Privacy Tip
Published by CISA in November 2021, the Cybersecurity Incident and Vulnerability Response Playbooks provide a framework to understand and implement response plans to minimize the risk of cyberattacks.
Download the Exterro FTK® action plan, Implementing the CISA Cybersecurity Response Playbook, to get started on the fundamentals of incident response.