The American National Institute of Standards and Technology (NIST) released version 2.0 of its Cybersecurity Framework (CSF) on February 26, 2024. What exactly has changed and what is new compared to version 1? You can read about it in this article!
What is NIST?
The National Institute of Standards and Technology is a scientific institution established by the US Government. Its goal is to promote innovation and industrial competitiveness. NIST is committed to various fields of science, including nanotechnology, information technology, engineering, and neutron science.
You may also know NIST by its former name, the National Bureau of Standards, which it held from 1901 to 1988.
What is the Cybersecurity Framework?
Origin of the Framework
One of the topics NIST is known for is its Cybersecurity Framework. This framework was published in 2014 with the aim of providing organizations with guidance to minimize the risk of cybersecurity incidents.
In 2018, the framework was revised, and version 1.1 was published, with a greater focus on strengthening federal networks and critical infrastructure. It became mandatory for U.S. federal government agencies to comply with the NIST Framework.
An addition to the NIST Framework was published in 2019. This was the Cybersecurity Maturity Model (CMMC).
Structure
The old Framework consisted of five categories:
- Identify: developing an organizational understanding of, and the ability to manage, cybersecurity risks to systems, assets, data, and capabilities.
- Protect: developing and implementing the appropriate security measures to ensure the delivery of critical infrastructure.
- Detect: developing and implementing the appropriate activities to identify/detect a cybersecurity event.
- Respond: developing and implementing the appropriate activities to take action against a detected cybersecurity incident.
- Recover: developing and implementing the appropriate activities to restore properties and/or services after a cybersecurity incident and prevent recurrence.
Implementing the Framework
The Cybersecurity Framework helps organizations with these five pillars. An organization that starts implementing it often begins by creating a "Current Profile." This outlines the organization's current cybersecurity level.
Then, a "Target Profile" is established, outlining the desired cybersecurity outcomes, including necessary measures and risks for the organization.
Once both the Current and Target Profiles are set, a Gap Analysis can be conducted to identify the gap between the current and desired situations. This helps the organization take the right measures to improve.
Why a new version?
Times, technologies, and threats are constantly evolving. The NIST Cybersecurity Framework is intended to be a "living document" and requires adjustments from time to time to stay relevant.
Various stakeholders pushed for changes to the Cybersecurity Framework in 2018. In January 2023, NIST published a draft version, followed by version 2.0 becoming final on February 26, 2024.
Version 2.0: the changes
Compared to version 1.1, the CSF has mainly received the following changes:
1. New category
You have just read about the five categories of the CSF: Identify, Protect, Detect, Respond & Recover. Version 2.0 adds a new category: Govern.
Unlike the other categories, Govern is not a separate category but an overarching one. This ensures that organizational context plays an important role throughout the model.
2. Changed title & scope
The title of the Framework is now "Cybersecurity Framework" instead of "Framework for Improving Critical Infrastructure Cybersecurity."
The scope has also been adjusted to allow more types of organizations to use the framework to enhance their cybersecurity.
3. Implementation examples
The Framework now includes implementation examples to establish practical and action-oriented processes based on the (now 6) categories.
4. Continuous improvement
A new "Improvement" chapter has been added to emphasize continuous improvement.
How SecurityHive helps comply with the NIST CSF
The new NIST Cybersecurity Framework is a welcome update and provides many tools for organizations to improve their cybersecurity.
SecurityHive makes it easy for organizations to become more compliant and streamline their processes according to the NIST CSF.
Honeypots make it easy to detect hackers and suspicious activity in a network, contributing to the Detect category. They are also useful in the Recover category, where information from an attack can be used to take countermeasures.
Vulnerability Management proactively identifies vulnerabilities and misconfigurations, allowing appropriate actions to prevent incidents, contributing to the Protect category.
DNS Guard blocks the establishment of malicious and dangerous connections on corporate networks, IoT, and roaming devices, primarily contributing to the Protect category. This solution is so flexible that it also adds value in the Detect category (recognizing infected systems) & Respond category (isolating systems).
Discover the NIST Cybersecurity Framework yourself!
You can directly contribute to compliance with the NIST Framework within your organization using SecurityHive's solutions. Schedule a meeting with SecurityHive's experts, or explore the NIST CSF directly via the links below.
NIST News Article: https://www.nist.gov/news-events/news/2024/02/nist-releases-version-20-landmark-cybersecurity-framework
NIST Cybersecurity Framework version 2.0: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.29.pdf