Level up your cybersecurity with the Updated NIST Framework

September 18, 2024

TLDR:

  • The NIST Cybersecurity Framework has been updated to reflect the evolving role of technology infrastructure in organizational objectives.
  • The new version, CSF2, includes a function focused on governance and a dedicated section on supply chain cybersecurity.

In the article “The Updated NIST Cybersecurity Framework,” Joel Lanz discusses the key changes and enhancements in the updated version of the NIST Cybersecurity Framework (CSF). The original framework consisted of five functions – identify, protect, detect, respond, and recover – aimed at enhancing cybersecurity practices in organizations. The updated version, CSF2, introduces a new function focused on governance, providing guidance on cybersecurity oversight for senior executives, risk management strategy, and supply chain cybersecurity.

CPAs have already been using the existing CSF to enhance client service delivery, provide assurance services, and manage cybersecurity risks. The article highlights how CPAs can utilize the CSF in various aspects of their work, such as in management accounting, cybersecurity advisory services, and compliance with IRS data protection regulations.

With the new enhancements in CSF2, financial managers, senior executives, and those with financial management oversight responsibilities will find valuable guidance on cybersecurity governance and supply chain risk management. The article emphasizes the importance of the updated framework for CPAs involved in cybersecurity, as it provides a foundational ability to combat evolving threats and demonstrate due diligence in mitigating legal risks.

NIST has developed tools and guides to facilitate the adoption and implementation of CSF2 by diverse users and organizations, making it more accessible and user-friendly. CPAs are encouraged to leverage the new framework to deliver expertise, enhance risk oversight, and demonstrate necessary due diligence in managing cybersecurity risks.
