The National Institute of Standards and Technology (NIST) released the latest version of its draft cybersecurity framework on August 28 and the reviews are...mixed. The voluntary framework, mandated under President Obama's February executive order and intended to help critical infrastructure providers establish better cybersecurity programs, needs a lot more work, experts say, despite the greater detail NIST provided between versions one and two of the document.
But little time remains between a final workshop on the framework that NIST will host in Dallas next week and the October 10th deadline for publishing the preliminary framework in the Federal Register. Read my latest take on the framework in this article commissioned by CSO Magazine.
Image from the August 28th document released by NIST.