Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

USA: NIST publishes Quick Start Guide for Cybersecurity Framework 2.0

On February 26, 2024, the National Institute of Standards and Technology (NIST) published the NIST Special Publication (SP) 1301 NIST Cybersecurity Framework 2.0: Quick Start Guide for Creating and Using Organizational Profiles. In particular, the Quick Start Guide (QSG) aims to facilitate the use of the Cybersecurity Framework 2.0 (CSF) published on February 26, 2024.

More specifically, the QSG provides that an organizational profile describes an organization's current and/or target cybersecurity posture. Organizational profiles can be categorized as a current profile, which specifies how an organization may achieve its desired CSF outcomes, or a target profile, which considers anticipated changes to an organization's cybersecurity posture such as the adoption of new technology.

The QSG clarifies that the CSF presents a five-step process for creating and using organizational profiles, including:

  • the scope of the organizational profile - reasons for creating the organizational profile;
  • gathering the information needed - such as organization policies, risk management priorities, and other cybersecurity standards;
  • creating the organizational profile - using the applicable CSF template with changes to suit organizations' needs;
  • analyzing gaps and creating an action plan - a waiting list of pending improvements for the cybersecurity program; and
  • implementing the action plan and updating the organizational profile - a combination of management and technical controls.

You can read the publishing information here, the QSG here, and the CSF 2.0 here.