Publisher: National Institute of Standards and Technology
Published: February 2024
Summary: The NIST Cybersecurity Framework 2.0 provides guidance to industry, government agencies, and other organisations to manage cyber security risks. It offers a taxonomy of high-level cyber security outcomes that can be used by any organisation — regardless of size, sector, or maturity — to better understand, assess, prioritise, and communicate its cyber security efforts. The CSF does not prescribe how outcomes should be achieved. Rather, it links to online resources that provide additional guidance on practices and controls that could be used to achieve those outcomes.
Available from: https://doi.org/10.6028/NIST.CSWP.29