NIST Releases Cybersecurity Framework Update

The National Institute of Standards and Technology (NIST) has updated the original NIST Cybersecurity Framework, first released in 2014. The draft update was released on January 10 and contains many of the anticipated revisions as well as:

  • Significant updates to the cyber supply chain risk management
  • Defined cybersecurity terminology
  • Identity Management and Access Control updates (including “identity proofing”)
  • A new section on cybersecurity measurement

Comments on the proposed updates are due by April 10, 2017.