Cybersecurity Framework

Videos

The NIST CSF 2.0

See more Videos

CSF 2.0 Webinar Series: Implementing CSF 2.0—The Why, What, and How

Latest Updates

• NIST Special Publication (SP) 800-70r5 ipd (Revision 5, initial public draft), National Checklist Program for IT Products – Guidelines for Checklist Users and Developers, is now available for public comment through January 16, 2026, at 11:59 PM. The update includes an appendix with enhanced mapping concepts between checklist settings, NIST Cybersecurity Framework (CSF) 2.0 outcomes, SP 800-53 controls, and Common Configuration Enumeration (CCE) identifiers for evidence-ready automation and reporting.
• Second Public Draft Released for Comment— NIST Cybersecurity Framework 2.0: Cybersecurity, Enterprise Risk Management, and Workforce Management Quick-Start Guide. The comment period for NIST SP 1308 2pd is open through January 7, 2026, at 11:59 PM (EST). Email comments to: csf [at] nist.gov (csf[at]nist[dot]gov).
• On November 17, 2025, NICE-v2.0.0-to-CSF-v2.0 (status: final), CSFv2.0-to-SP-800-53-Rev-5-2-0 (status: final), and Cyber-Governance-Code-of-Practice-to-CSF-v2.0 (status: final) were posted to the NIST OLIR (Online Informative References) catalog.
• Seeking comments through November 17, 2025: The NIST Internal Report (IR) 8183 Revision 2, Cybersecurity Framework Version 2.0 Manufacturing Profile. The Profile is structured around the NIST CSF 2.0 Functions: Govern, Identify, Protect, Detect, Respond, and Recover. These Functions form the basis for prioritizing cybersecurity outcomes tailored to the manufacturing sector, enabling manufacturers to align their cybersecurity efforts with business needs, risk tolerance, and available resources.
• On September 18, 2025, a mapping between CSF 2.0 and NIST SP 800-171 Rev. 3 (status: final) was posted to the NIST OLIR (Online Informative References) catalog.

See more Latest Updates