Compliance Corner: NIST CSF 2.0 Released!

  • 29 February 2024
  • 1 reply

Userlevel 2



The first version of NIST’s Cybersecurity Framework aka NIST CSF was released in 2014 and has become enormously popular with businesses and organizations of all sizes. In fact, it is a top 5 framework within ControlMap’s MSP community alongside CIS, SOC 2, ISO 27001, and CMMC/NIST 800-171. The appeal of NIST CSF is its logical approach to Cybersecurity with control objectives organized into 5 easy to understand functional groups:


“Identify” →  “Protect” →  “Detect” →  “Respond” →  “Recover”


Now a newly introduced sixth functional group added to NIST CSF 2.0 is “Govern,” focusing specifically on Governance.

You’ll likely find NIST CSF requested by small- and mid-sized government agencies such as water authorities, city/state/county departments, and Port Authorities, among other critical infrastructure organizations and their vendors. Private-sector organizations are also looking to align with insurance requirements or well-recognized Federal standards.

ControlMap will continue to support NIST CSF 1.1, but look for the NIST CSF 2.0 update, arriving in March 2024!


Some reference links: 


1 reply


Great content, Dan!