Cybersecurity: NIST’s New Framework (Version 1.1)

Recently, NIST released an updated cybersecurity framework. This popular framework is entitled “Version 1.1” rather than the “2.0” that some have been calling it (including us) when the proposal was released last year. Here’s an excerpt from a Wachtell Lipton memo (link to this memo coming soon): The updated Framework, entitled Version 1.1, is intended to clarify and refine (rather than replace) NIST’s original 2014 Cybersecurity Framework, Version 1.0, and builds on the original version’s five core cybersecurity functions—Identify, Protect, Detect, Respond, and Recover—and tiered implementation system. Instead of a “one-size-fits-all” approach, the Framework continues to be a flexible platform that can be customized to address the particular cybersecurity risks faced by any company. Of broader import, the updated Framework encourages companies to integrate cybersecurity objectives into strategic planning and…

Read more detail on Recent Banking and Finance Law posts –

This entry was posted in Banking and Finance law and tagged , , , . Bookmark the permalink.

Leave a Reply