The Department of Commerce’s National Institute of Standards and Technology (NIST) https://www.nist.gov has just released Version 1.1 of their Cybersecurity Framework https://www.nist.gov/cyberframework . This version includes updates on authentication and identity, self-assessing cybersecurity risk, managing cybersecurity within the supply chain, and provides updates on vulnerability disclosures.
The Framework was developed with a focus on industries vital to national and economic security and has proven to be flexible enough to be adopted voluntarily by large and small companies and organizations across all industry sectors. It has also been adopted by federal state and local governments.
’This update refines, clarifies, and enhances Version 1.0,” said Matt Barrett Program Manager for the Cybersecurity Framework. “It is still flexible to meet an individual organization’s business or mission needs, and applies to a wide range of technology environments such as information technology, industrial control systems, and the Internet of Things.”
NIST is planning a Cybersecurity Risk Management Conference on November 6 through 8, 2018 in Baltimore Maryland. Detailed information on the conference will soon be available ion https://www.nist.gov/cyberframework.