HomeCII/OTThe Governance Function of NIST CSF 2.0

The Governance Function of NIST CSF 2.0

Published on

spot_img

Cybersecurity leaders are constantly searching for new tools and strategies to combat the ever-evolving landscape of digital threats. Despite being responsible for protecting digital assets, Chief Information Security Officers (CISOs) have long faced a major gap in their management capabilities: a lack of oversight of their entire operations, preventing them from seeing the big picture while quickly identifying critical issues.

The initial version of the National Institute of Standards and Technology’s Cybersecurity Framework was created in 2014 in response to a presidential executive order aimed at helping critical infrastructure organizations mitigate cybersecurity risks. This framework was expanded in the Cybersecurity Framework 2.0 to include a new function called Govern, acknowledging the importance of effective management in the CISO role.

The Govern function provides CISOs with a more comprehensive approach to management, bridging the gap in their ability to address key questions and concerns proactively. Without this function, CISOs often struggle to assess policy enforcement, measure progress, or determine the impact of their investments on overall performance.

For example, evaluating readiness against specific threats and monitoring policy enforcement often relies on reactive approaches driven by rumors rather than concrete data. This lack of continuous visibility into performance metrics and controls hinders decision-making and strategic planning.

The Govern function aims to empower CISOs by promoting transparency, visibility, automation, and simplification. By providing insights into the implementation status of controls, automating metrics systems, translating technical data into understandable terms for executives, and enabling real-time monitoring of performance, CISOs can better govern, manage, and measure their cybersecurity operations.

In essence, the Govern function of the NIST CSF 2.0 signifies a shift towards proactive and informed leadership in cybersecurity management. With this new framework, CISOs can gain a sixth sense for overseeing their operations, making data-driven decisions, and enhancing their cybersecurity measures in a more efficient and effective manner. This new era of management will enable CISOs to navigate the complex digital landscape with confidence and agility, staying one step ahead of evolving threats and risks.

Source link

Latest articles

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...

Reducing Threats from the IABs Market

As ransomware attacks continue to escalate in frequency and severity, one of the key...

More like this

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...
en_USEnglish