Tom Le’s Post

Mattel CISO

8mo

The NIST CSF 2.0 release is finally here. As expected, CSF 2.0 adds a 6th core function: "govern." 20+ years ago we only had Protect, Detect, and Respond. Those sure were the good old days. "Have IDS, will travel." Now you have to plan, test, validate, discover, be proactive, deal with unknown unknowns... Pfft, and they call it progress. Read more: https://lnkd.in/gKW8kH5s CSF intro for the uninitiated: https://lnkd.in/g92gYcQa Or just dive right in - full CSF 2.0: https://lnkd.in/gVuuhESp

5 Comments

Arik Solomon

Co-Founder & CEO at Cypago | Cyber GRC Automation

8mo

A security plan without the Governance piece is like building a skyscraper without a blueprint. It's funny that only now, after endless number of severe cyber attacks, the 'G' gets its place in the 'RC' table ...

5 Reactions

Thomas Schiller

8mo

Been driving comprehensive Zero Trust at the Federal level leveraging dynamic capabilities for a while now. Properly done, it changes the game quite a bit.

2 Reactions

Nathan Landon

Chief Technology Officer at Karma-X

8mo

😲 Protect is in there! It's greater than Detect! Maybe somebody listened. 🤣

John Madelin

Cyber Security Freelancing

8mo

Kyle Tackley Thought this might be of interest :-)

1 Reaction

See more comments

To view or add a comment, sign in

More Relevant Posts

Virginia King

Contracts Specialist/Administrator
8mo
Report this post
Don't miss @Patrick's valuable thoughts on the latest NIST CSF 2.0 update in a special interview with @Nextgov. Discover how the framework prioritizes accessibility for all. See more: https://okt.to/USmuqA #NISTFramework
Like Comment
To view or add a comment, sign in
Cheryl Bunting

EMEA Event Marketing Manager | FIP, CIPP/E, CIPM at OneTrust
8mo Edited
Report this post
The NIST CSF 2.0 is finally here! It's the first update since its initial publication in 2014. Get all the inside info on scope, objectives and the new content here 👉 https://lnkd.in/eweuBu6N OneTrust DataGuidance
Like Comment
To view or add a comment, sign in
Bryce Barras

Cybersecurity Practitioner 👨🏻💻 🔐 🛡️
8mo
Report this post
Among the new features of the NIST CSF, it introduces the “Govern” function, which I think was much needed.
Like Comment
To view or add a comment, sign in
Hyperproof

13,358 followers
8mo
Report this post
NIST CSF 2.0 is here! Discover what changed, what stayed the same, and more in our latest blog post. You'll learn about: 🧑⚖️ The new Govern Function 🗺️ The breadth of the framework 📋 New resources from the National Institute of Standards and Technology (NIST) 🛡️ What to do if you’ve already implemented NIST CSF Read it now: https://okt.to/varQ7g #NISTCSF #NISTFramework #cybersecuritynews
Like Comment
To view or add a comment, sign in
Gustav Isaksson

ISMS Manager at Westermo
8mo
Report this post
NIST CSF 2.0 is here (!!) and to it I have a question! What’s the most impactful change they’ve made in your opinion? For me personally, I think it’s the more friendly overviews and possibility to search and find information more quickly. https://lnkd.in/dawgBU-F
Like Comment
To view or add a comment, sign in
Nick Kirtley
1w
Report this post
NIST CSF 2.0 was released February 2024. What is it? How can it help? And what are the changes to the prior version?
1 Comment
Like Comment
To view or add a comment, sign in
Axio

5,531 followers
6mo
Report this post
Wondering what's new in NIST CSF 2.0? The implementation examples are a new addition meant to provide additional explanatory context to the objectives of each subcategory statement. Check out the full recording to learn more: https://lnkd.in/e7KZK6QY
Like Comment
To view or add a comment, sign in
James Karnick

International Tax Partner at RSM US LLP
2mo
Report this post
NIST CSF 2.0 updates aim to help you proactively address your organization’s risks and protect the assets, processes and data that enable your business. Learn more here: https://rsm.buzz/4d1rCNI
Like Comment
To view or add a comment, sign in
Utkarsh Pandey

BTech CSE Cyber Security pre-final year | IEEE Student Member | ISC2 Member
5mo
Report this post
Hello everyone, Today while completing Domain 2 offered by ISC2, I had been through some definition and compliances of National Institute of Standards and Technology (NIST) such as NIST Special Publication (SP) 800-53 Revision 4 which deals with Breaches, NIST SP 800-61 Revision 2 which deals with Events, a short summary of Internet Engineering Task Force's IETF RFC 4949 Version 2 for Intrusions, threat and vulnerability compliance through NIST SP 800-30 Rev 1. I also observed the working of components in Incident Response plan, that is, Preparation, Detection & Analysis, Containment, Eradication and Recovery followed by Post-Incident Activity.
Like Comment
To view or add a comment, sign in
Insane Cyber

2,474 followers
1w
Report this post
In this week's blog, we're looking into NIST CSF and 62443 - background on both standards and considerations for each. Which is your favorite standard to follow? https://lnkd.in/gKA-uE62
Like Comment
To view or add a comment, sign in

5,025 followers

View Profile Follow

Tom Le’s Post

More from this author

Building Cyber Resilience with PAM - Privileged Access Management

Explore topics