CSF 1.1 International Resources

Resources relevant for international organizations and governments of other nations. NIST has not verified the accuracy of translations of the Cybersecurity Framework.

Video Resources

Here in the Information Technology Laboratory (ITL) at NIST, we value the international engagement we have on our various cybersecurity and privacy efforts. Our programs and resources have benefitted from discussions with international stakeholders through increased communication and coordination, additional information sharing opportunities, and valuable idea exchange. 

We encourage international participation at all stages in the development and evolution our programs. The feedback we receive—and lessons learned from international adaptation and implementation—helps us as we update and refine our resources. International engagement will remain an important focus for us and we welcome the chance to keep highlighting these perspectives that underline the important conversations we will continue to have with our partners around the world. 

To help highlight this important ongoing engagement, we’ve collected a series of videos that show how our partners across the world are looking at various cybersecurity and privacy issues that we at NIST are also tracking. We value these insights and appreciate understanding how our partners are thinking about these issues (as well as how some have utilized our NIST resources). 

If you are interested in submitting a perspectives video for this collection, please contact amy.mahn [at] nist.gov (amy[dot]mahn[at]nist[dot]gov). We look forward to continued conversations on these important topics! 

These videos were not developed by NIST.  Some include captioning from the points of contact, and NIST has included a closed captioning option for each video and English translation as needed.

Talk: Uruguay: A success case of the Cybersecurity Framework

 

 

Talk: Cybersecurity Perspective from Saudi Aramco

Talk: Cybersecurity Perspective from Israel National Cybersecurity Directorate

 

Talk: Cybersecurity Perspective from Nippon Telegraph and Telephone (NTT)

Talk: Cybersecurity Perspective from the Federal Office for National Economic Supply (FONES)

 

Cybersecurity Perspective from the European Commission

Translations

Visit our translations page [nist.gov] to see a full list of CSF V 1.1 translations.

Adaptations

A version of the Framework that substantially references language and content from Version 1.0 or 1.1 but incorporates new, original content. An adaptation can be in any language.

• Israel’s Cyber Defense Doctrine 2.0
  (The purpose of the Defense Doctrine is to present to the Israeli economy an orderly professional method for managing cyber risks in the organization.)
• Italy's National Framework for Cyber Security (Documents available in Italian and English)
  (A strategy, which derives much of its content from Version 1 of the Cybersecurity Framework, aims to provide organizations a homogeneous and voluntary approach to manage cybersecurity risks.)
• Ontario Cyber Security Framework: https://www.oeb.ca/sites/default/files/Ontario-Cyber-Security-Framework-20171206.pdf
  (A Framework developed by the Ontario Energy Board (OEB) and is used as the common basis for assessing and reporting capability to the OEB.)
• Scotland's Public Sector Action Plan 2017-2018
  (This adaptation, the “Safe, Secure and Prosperous: A Cyber Resilience Strategy for Scotland” Public Sector Action Plan 2017-2018, was developed in partnership by the Scottish Government and the National Cyber Resilience Leaders’ Board (NCRLB). This adaptation sets out the key actions that the Scottish Government, public bodies and key partners will take up to the end of 2018 to further enhance cyber resilience in Scotland’s public sector.)
• Uruguay's Cybersecurity Framework v4.0 (Page not in English)
  (A Framework produced by the Agency Electronic Government and Information Society and Knowledge (AGESIC) within the Government of Uruguay.)

Additional Guidance

• Australian Securities and Investments Commission’s (ASIC) Report 651 - Cyber resilience of firms in Australia’s financial markets: 2018–19
  (This report identifies key trends from self-assessment surveys completed by financial markets firms and highlights existing good practices and areas for improvement.)
• Baltic and International Maritime Council (BIMCO) Ship Guidelines The Guidelines on Cyber Security Onboard Ships
  (Developed by several international organizations, this resource is a set of guidelines designed to assist companies in formulating their own approaches to cyber risk management onboard ships.)
• Coalition to Reduce Cyber Risk’s (CR2) Seamless Security: Elevating Global Cyber Risk Management Through Interoperable Frameworks
  (A white paper promoting cybersecurity risk management, the use of international standards and interoperable national cyber frameworks as the best approach to improving cybersecurity outcomes globally.)
• The ECSO Cybersecurity Market Radar
  • 3^rd ECSO Cybersecurity Market Radar (9/18/2020)
  • ECSO Cybersecurity Market Radar (9/11/2019)
    (A comprehensive visualization tool, representing the European-based cybersecurity product vendors, service providers and consultancy offerings.)
• International Cyber Threat Task Force 
  (A not for profit initiative promoting the ecosystem of an international, independent, non-partisan, cyber security community.)
• International Organization for Standardization (ISO)/ International Electrotechnical Commission (IEC) Technical Specification 27110: Information technology, cybersecurity and privacy protection — Cybersecurity framework development guidelines.  [iso.org] (This document specifies guidelines for developing a cybersecurity framework. The guidelines specify that all cybersecurity frameworks should have the following concepts: Identify, Protect, Detect, Respond, Recover.)
• OAS & AWS's NIST Cybersecurity Framework White Paper
  (Addresses the main advantages and opportunities offered by the NIST methodology for cyber risk management in all technology services.)
• Switzerland's Information and Communications Technology (ICT) Minimum Standard (Page Not in English)
  (This minimum standard was developed by Switzerland’s Federal Office for National Economic Supply (FONES). The Minimum ICT Standard serves as a recommendation and potential guide to improving ICT resilience.  While it is aimed in particular at operators of critical infrastructures, it is applicable to any business or organization and is freely available.)
• United Kingdom’s Cabinet Office Minimum Cyber Security Standard
  (A minimum standard developed in collaboration with the UK government and National Cyber Security Centre (NCSC). This document defines the minimum security measures that UK Departments shall implement with regards to protecting their information, technology and digital services to meet their SPF and National Cyber Security Strategy obligations.  The SPF provides mandatory protective security outcomes that all Departments are required to achieve.)
• United Kingdom’s National Cyber Security Centre NIS Guidance Collection
  (A set of guidance from the UK National Cyber Security Centre (NCSC) and Department of Culture, Media and Sport (DCMS) for meeting requirements for the Network and Information Systems (NIS) Directive.)
• United Kingdom’s National Cyber Security Centre Risk management collection
• United Nations' International Maritime Organization  Guidelines on Maritime Cyber Risk
  (These guidelines provide high-level recommendations on maritime cyber risk management to safeguard shipping from current and emerging cyber threats and vulnerabilities.)