The National Institute of Standards and Technology has published the modified version of its Framework for Improving Critical Infrastructure Cybersecurity, citing changes that address different cybersecurity issues.
NIST said Monday the Version 1.1 of the Cybersecurity Framework include “authentication and identity,” “self-assessing cybersecurity risk,” “managing cybersecurity within the supply chain” and “vulnerability disclosure.”
Matt Barrett, program manager for the Cybersecurity Framework, stated that the update simplifies the scheme’s previous version.
“It is flexible to meet an individual organization’s business or mission needs, and applies to a wide range of technology environments such as information technology, industrial control systems and the internet of things,” Barrett added.
NIST said the framework is created for industries that provide offerings for national and economic security.
The agency will work to publish a modified companion document called the Roadmap for Improving Critical Infrastructure Cybersecurity next year to discuss necessary developments, alignments and collaborations to execute the Cybersecurity Framework.