| Abstrakt: |
The article discusses the release of the US National Institute of Standards and Technology's Cybersecurity Framework 2.0, which has been recognized as an international standard. The new version includes an emphasis on governance, supply chains, and applicability to smaller enterprises, with some praising it as a significant improvement. The article also highlights the changes in subcategories and the lack of rationale provided for the revisions, suggesting that information security professionals should analyze the differences between versions 1.1 and 2.0 to enhance their cybersecurity programs. [Extracted from the article] |
