Careers Form

" " indicates required fields

First name* 
Last name* 
✓ Valid number ✕ Invalid number
Hidden
Max. file size: 50 MB.
Max. file size: 50 MB.
Untitled

We're committed to protect your privacy. C2A Security uses the information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Privacy Policy .

Office Administrator

  • Products
    • EVSec
    • EVSEC Analysis
    • EVSEC Attacker
    • EVSEC Endpoint
    • EVSEC Network
    • EVSEC VSOC Analyzer
  • News & Media
    • Media Articles
    • Press Releases
    • Blog
    • Events
    • Webinars
  • Research
  • About Us
  • Careers
  • Contact
  • English
    • 简体中文
Menu
  • Products
    • EVSec
    • EVSEC Analysis
    • EVSEC Attacker
    • EVSEC Endpoint
    • EVSEC Network
    • EVSEC VSOC Analyzer
  • News & Media
    • Media Articles
    • Press Releases
    • Blog
    • Events
    • Webinars
  • Research
  • About Us
  • Careers
  • Contact
  • English
    • 简体中文

NIST Updates its Cybersecurity Framework – What Does It Mean?

  • Category: Connected Vehicles, Cybersecurity Regulation
  • August 13, 2023
NIST is expanding its CSF2.0 with a significant addition of the 'Govern' pillar, underscoring the crucial role of senior leadership and risk management in cybersecurity.

The National Institute of Standards and Technology (NIST) is taking a big step forward with cybersecurity. A draft update to their renowned cybersecurity framework (CSF2.0) has recently been unveiled, with changes that emphasise the vital role of senior leadership in cybersecurity strategy.

One of the most notable modifications in the update is the expanded scope of the framework. It is no longer confined to critical infrastructure such as hospitals or banks; it now encompasses organisations of all types and sizes. Reflecting this broader coverage, the framework has been renamed “The Cybersecurity Framework,” replacing the previous name of “Framework for Improving Critical Infrastructure Cybersecurity.”

The updated NIST framework introduces several important enhancements, starting with the addition of a new sixth pillar called “Govern.” The ‘Govern’ pillar complements the existing five core functions of the cybersecurity framework, which are: Identify, Protect, Detect, Respond, and Recover.

 

The ‘Govern’ function delves into the decision-making processes within an organisation, focusing on the alignment and support of these decisions with the overarching cybersecurity strategy.

NIST’s announcement further elaborated on the significance of this change, emphasising that cybersecurity now stands on par with other critical enterprise risks, such as legal and financial considerations. This emphasis serves as a potent reminder to senior leadership about their role in upholding organisational security.

Additionally, the draft incorporates other enhancements, including improved guidance for tailoring the framework to specific situations. These adjustments are in response to community feedback and reflect NIST’s commitment to delivering adaptable and practical solutions.

“This change is a positive step for the automotive industry as the NIST framework now aligns with ISO/SAE 21434”, commented David Mor Ofek, Head of Product. The addition of the ‘Govern’ category necessitates proactive measures and accountability for security, signifying a shift towards a centralized platform.”

Find Out How We Can Help through Automated Compliance

EVSec is the only DevSecOps platform that helps automotive companies to automate their risk management practices, at scale. The platform was built to ‘take the edge off’ the compliance process for cybersecurity standards and regulations.

NIST is holding a hybrid workshop on September 19-20, 2023, at the NIST National Cybersecurity Center of Excellence, serving as another opportunity for the industry, academia and the public to provide feedback and comment on the draft.

If your organization seeks to effectively identify, protect, detect, respond, recover, and now govern your security protocols, our team is here to assist you. Don’t miss the opportunity to schedule a demo with us and explore how our tailored solutions can address your unique needs.

More articles that might interest you:

Cybersecurity Awareness Month: Mobility and EV Infrastructure

September 21, 2023

C2A Security Announces New Technology Collaboration with Siemens

September 5, 2023

Top 5 Artificial Intelligence (AI) Sessions at IAA Mobility 2023

August 22, 2023

FOLLOW US

  • YouTube
  • linkedin hover LinkedIn
  • Facebook
Join our newsletter

Jerusalem, ISRAEL

SEND US A MESSAGE

And we will get back to you soon
  • © 2023 All rights reserved C2A-SEC LTD 
  • Privacy Policy
Twitter youtube icon Linkedin
  • Products
    • EVSec
    • EVSEC Analysis
    • EVSEC Attacker
    • EVSEC Endpoint
    • EVSEC Network
    • EVSEC VSOC Analyzer
  • News & Media
    • Media Articles
    • Press Releases
    • Blog
    • Events
    • Webinars
  • Research
  • About Us
  • Careers
  • Contact
  • English
    • 简体中文
  • Products
    • EVSec
    • EVSEC Analysis
    • EVSEC Attacker
    • EVSEC Endpoint
    • EVSEC Network
    • EVSEC VSOC Analyzer
  • News & Media
    • Media Articles
    • Press Releases
    • Blog
    • Events
    • Webinars
  • Research
  • About Us
  • Careers
  • Contact
  • English
    • 简体中文
Learn More