NIST CSF 2.0 Cyber Framework

United States

2024

Cybersecurity

Overview

The NIST Cybersecurity Framework (CSF) 2.0, released in February 2024, is an updated version of the original framework developed by the National Institute of Standards and Technology (NIST). CSF 2.0 expands its applicability beyond critical infrastructure to include organizations of all sizes and sectors, both public and private.

The framework provides a flexible structure for managing and reducing cybersecurity risk. It is organized around six core functions: Govern, Identify, Protect, Detect, Respond, and Recover. Each function includes categories and subcategories of security outcomes and references to widely accepted standards. Though voluntary, CSF 2.0 is widely used by financial institutions, healthcare providers, technology companies, and government agenciesto strengthen cyber resilience and align with regulatory compliance.

Key Obligations

Establish governance structures to oversee cybersecurity risk
Identify assets, systems, and data to manage risk exposure
Implement safeguards for identity access, data security, and awareness

Detect anomalies and cybersecurity events in real time
Develop and test response and recovery plans for incidents
Conduct continuous assessments and updates to cybersecurity posture

FAQ

Related Regulations

FTC Safeguards Rule Amendments

CIRCIA Cyber Incident Reporting Law

NYDFS Part 500 Cybersecurity Rule

Stay ahead of risk with Signzy

Explore tools that help you onboard, monitor, and verify with confidence

Identity Verification

Use facial match and liveness checks paired with government ID verification to make sure the person holding the document is the person you're onboarding.

Criminal Screening

Thorough background checks and criminal record verification to ensure compliance and maintain security standards in your onboarding process.