Author(s):
Series Title
National Institute of Standards and Technology
Abstract
The NIST Cybersecurity Framework (CSF) 2.0 provides guidance to industry, government
agencies, and other organizations to manage cybersecurity risks. It offers a taxonomy of highlevel cybersecurity outcomes that can be used by any organization — regardless of its size,
sector, or maturity — to better understand, assess, prioritize, and communicate its
cybersecurity efforts. The CSF does not prescribe how outcomes should be achieved. Rather, it
links to online resources that provide additional guidance on practices and controls that could
be used to achieve those outcomes. This document describes CSF 2.0, its components, and
some of the many ways that it can be used.
Reference details
DOI
10.6028/NIST.CSWP.29
Resource type
Report
Year of Publication
2024
Publication Area
Cybersecurity and defense
Date Published
2024-02-26
How to cite this reference:
Technology, N. I. of S. and. (2024). The NIST Cybersecurity Framework (CSF) 2.0. In National Institute of Standards and Technology. https://doi.org/10.6028/NIST.CSWP.29 (Original work published)