{"id":88808,"date":"2024-11-19T09:00:59","date_gmt":"2024-11-19T17:00:59","guid":{"rendered":"https:\/\/forescoutstage.wpengine.com\/blog\/why-the-dora-regulation-matters-beyond-the-eu%e2%80%af-copy\/"},"modified":"2025-04-16T10:07:52","modified_gmt":"2025-04-16T14:07:52","slug":"what-you-need-to-know-about-the-nist-cybersecurity-framework-2","status":"publish","type":"post","link":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/","title":{"rendered":"What You Need to Know About the NIST Cybersecurity Framework 2.0"},"content":{"rendered":"<p><em>Update: This blog has been updated to include the new CISA Cross-Sector Cybersecurity Performance Goals that are now organized to align with NIST CSF 2.0.<\/em><\/p>\n<p>Ten years ago, the National Institute of Standards and Technology (NIST)\u00a0<a href=\"https:\/\/www.nist.gov\/publications\/framework-improving-critical-infrastructure-cybersecurity-version-10#:~:text=The%20Executive%20Order%20established%20that,safety%2C%20security%2C%20business%20confidentiality%2C\" target=\"_blank\" rel=\"noopener\">released the Cybersecurity Framework (CSF) 1.0<\/a>\u00a0following an Executive Order from President Obama to help companies and governments facing cybersecurity attacks.<\/p>\n<p>In 2014, <a href=\"http:\/\/cnbc.com\/2013\/12\/27\/top-2013-cybersecurity-stories-and-what-to-watch-for-in-2014.html\" target=\"_blank\" rel=\"noopener\">data breaches were escalating<\/a>. Major Fortune 500 companies and household names, such as Target, Yahoo, 7-11, Visa, and more, experienced heaps of customer data theft, online fraud and attacks from malware. It was also the time of <a href=\"https:\/\/www.theguardian.com\/world\/2013\/jun\/09\/edward-snowden-nsa-whistleblower-surveillance\" target=\"_blank\" rel=\"noopener\">Edward Snowden and NSA information leaks<\/a> \u2013 and criminal organizations <a href=\"https:\/\/archives.fbi.gov\/archives\/losangeles\/press-releases\/2013\/twelve-charged-in-atm-card-skimming-scheme-that-caused-thousands-of-dollars-in-losses-to-banks\" target=\"_blank\" rel=\"noopener\">skimming physical ATM machines<\/a>.<\/p>\n<p>The NIST Cybersecurity Framework has become one of the most widely recognized approaches to managing security risk in the world. It established five foundational functions:\u00a0Identify, Protect, Detect, Respond and Recover.<\/p>\n<p style=\"font-weight: 400;\">\u00a0In 2018, version 1.1 was <a href=\"https:\/\/www.nist.gov\/news-events\/news\/2018\/04\/nist-releases-version-11-its-popular-cybersecurity-framework\" target=\"_blank\" rel=\"noopener\">updated to include<\/a>:<\/p>\n<ul>\n<li>Authentication and identity<\/li>\n<li>Self-assessing cybersecurity risk<\/li>\n<li>Managing cybersecurity within the supply chain<\/li>\n<li>Vulnerability disclosure<\/li>\n<\/ul>\n<p>The latest version, <a href=\"https:\/\/www.nist.gov\/news-events\/news\/2024\/02\/nist-releases-version-20-landmark-cybersecurity-framework\" target=\"_blank\" rel=\"noopener\">NIST CSF 2.0<\/a>, published in March 2024. It has been expanded to address where we are in today\u2019s risk landscape and expanding attack surface.<\/p>\n<p><a href=\"\/blog\/analysis-of-energy-sector-cyberattacks-in-denmark-and-ukraine\/\">Critical infrastructure hacked<\/a>. Supply chains disrupted. <a href=\"\/blog\/caught-in-the-act-ransomware-attack-sticks-to-our-ai-created-honeypot\/\">Ransomware causing major financial and public safety problems<\/a>. Between 2022 and 2023, ransomware grew by over 70%, according to the SANS Institute.<\/p>\n<p>The NIST cybersecurity framework has been developed with help and feedback from risk, compliance and security practitioners from a wide set of industry verticals. So, the framework feels more inclusive \u2013 and is more flexible for a broader set of organizational sizes.<\/p>\n<p style=\"font-weight: 400;\">Governance is now front and center in version 2.0 \u2013 and speaks to a new official level of comprehensive risk management, and compliance organizations need given today\u2019s threat environment.<\/p>\n<p>\u201cThe Govern function aims to help organizations incorporate cybersecurity risk management into broader enterprise risk management programs by presenting \u2018outcomes,\u2019 or desired states, to inform what an organization may do to achieve and prioritize the outcomes of the other five functions,\u201d <a href=\"https:\/\/www.csoonline.com\/article\/1310046\/nist-releases-expanded-2-0-version-of-the-cybersecurity-framework.html\" target=\"_blank\" rel=\"noopener\">explains<\/a> Cynthia Brumfield, author of the book \u201cCybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework.\u201d<\/p>\n<div style=\"display: block; margin: 10px; border-top: 1px solid #CCCCCC; border-bottom: 1px solid #CCCCCC; padding: 10px;\">\n<h4>See exactly how the Forescout Platform maps to NIST CSF 2.0<\/h4>\n<p class=\"u-display-flex u-flex-wrap u-gap\"><a href=\"\/ebook-how-to-align-with-the-nist-cybersecurity-framework\/\"  title=\"Get the eBook\" class=\"c-btn c-btn--primary has-icon icon-camera icon-position-right has-icon-animation icon-animation-pulse\"><span class=\"cta-button-text\">Get the eBook<\/span><\/a><\/p>\n<\/div>\n<p>Governance means leadership taking on more active and accountable role into cybersecurity policies which appears to be a consistent theme across standards and regulatory bodies.<\/p>\n<p>\u201cThe CSF\u2019s governance component emphasizes that cybersecurity is a major source of enterprise risk that senior leaders should consider alongside others such as finance and reputation,\u201d <a href=\"https:\/\/www.nist.gov\/news-events\/news\/2024\/02\/nist-releases-version-20-landmark-cybersecurity-framework\" target=\"_blank\" rel=\"noopener\">said<\/a> Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio.<\/p>\n<p>Making governance a priority is also a clear mandate for publicly traded companies that are under the Securities and Exchange Commission (SEC) in the US. <a href=\"https:\/\/www.sec.gov\/news\/press-release\/2023-139\" target=\"_blank\" rel=\"noopener\">Recent SEC rules<\/a> mandate disclosure and analysis of security leadership functionally, its roles and responsibilities, and codifies exacting disclosure timelines for investors.<\/p>\n<h2>What Else Is New in NIST CSF 2.0?<\/h2>\n<p>Beyond the \u2018Govern\u2019 function, NIST CSF 2.0 emphasizes continuous control and continuous improvement. And it starts with clearer language that appeals to more industries. It includes a few new precise categories and subcategories that address risk-based control measurement. Data privacy is also addressed in every section.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-88733\" src=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp\" alt=\"\" width=\"1200\" height=\"628\" srcset=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp 1200w, https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image-300x157.webp 300w, https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image-1024x536.webp 1024w, https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image-768x402.webp 768w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><\/p>\n<h3 style=\"font-weight: 400;\">Key Sections of the Framework<\/h3>\n<p style=\"font-weight: 400;\"><strong>Framework Core<\/strong> is a set of cybersecurity activities, desired outcomes and applicable references that are common across critical infrastructure sectors. It consists of six concurrent and continuous Functions: Govern, Identify, Protect, Detect, Respond and Recover.<\/p>\n<p style=\"font-weight: 400;\"><strong>Implementation Tiers<\/strong> describe the degree to which an organization\u2019s cybersecurity risk management practices exhibit the characteristics defined in the Framework, over a range from Partial (Tier 1) to Adaptive (Tier 4).<\/p>\n<p style=\"font-weight: 400;\"><strong>Framework Profile<\/strong> represents the Core Functions\u2019 Categories and Subcategories prioritized by an organization based on business needs and can be used to measure the organization\u2019s progress toward the Target Profile.<\/p>\n<p style=\"font-weight: 400;\"><strong>Organizational Profiles<\/strong> are customizable structures that allow organizations to align their actions, policy and objectives to the Core Framework.<\/p>\n<p style=\"font-weight: 400;\"><strong>Informative References<\/strong> are guidelines and practices that outline how to achieve the business and technical outcomes defined. NIST provides <a href=\"https:\/\/www.nist.gov\/informative-references\" target=\"_blank\" rel=\"noopener\">downloadable implementation examples<\/a> too.<\/p>\n<p>NIST also provides a <a href=\"https:\/\/www.nist.gov\/quick-start-guides\" target=\"_blank\" rel=\"noopener\">repository of quick start guides<\/a> \u2013 including by business type, such as small business or enterprise \u2013 and it includes a section on Cybersecurity Supply Chain Risk Management (C-SCRM) to help organizations \u201cbecome smarter acquirers and suppliers of technology products and services.\u201d<\/p>\n<p style=\"font-weight: 400;\"><strong><em>Go deeper. <\/em><\/strong><a href=\"\/ebook-how-to-align-with-the-nist-cybersecurity-framework\/\"><strong><em>Get the eBook<\/em><\/strong><\/a><strong><em>.<\/em><\/strong><\/p>\n<h2>Challenges of NIST<\/h2>\n<p>Because it is a framework and not a regulation, NIST adoption and adherence can have its challenges. It is no easy task to appeal and apply to every situation or technology infrastructure. But as an approach, it is one of the most widely used in the world. Here\u2019s how Brumfield <a href=\"https:\/\/csoonline.com\/article\/572127\/nist-seeks-information-on-updating-its-cybersecurity-framework.html\" target=\"_blank\" rel=\"noopener\">explains<\/a> the situation:<\/p>\n<p>\u201cSince the framework\u2019s inception, NIST has taken care not to prescribe any particular steps organizations should take, given that every organization has unique technical and resource configurations. Instead, NIST has referred to outcomes, which some argue\u00a0<a href=\"https:\/\/www.csoonline.com\/article\/572127\/nist-seeks-information-on-updating-its-cybersecurity-framework.html\" target=\"_blank\" rel=\"noopener\">offer little practical guidance<\/a>\u00a0on what specific actions organizations should take.\u201d<\/p>\n<h2>CISA\u2019s Cross-Sector Cybersecurity Performance Goals Are Now Aligned with NIST CSF 2.0<\/h2>\n<p>The US Cybersecurity &amp; Infrastructure Security Agency (CISA) <a href=\"https:\/\/www.cisa.gov\/cybersecurity-performance-goals\" target=\"_blank\" rel=\"noopener\">has released<\/a> Cross-Sector Cybersecurity Performance Goals (CPGs) that are a subset of cybersecurity practices \u201cselected through a thorough process of industry, government, and expert consultation, aimed at meaningfully reducing risks to both critical infrastructure operations and the American people.\u201d<\/p>\n<p>In 2024, CISA released Sector-Specific Goals (SSGs) that are tailored for organizations in select critical infrastructure sectors including:<\/p>\n<ul>\n<li>Cross-Sector CPGs<\/li>\n<li>Chemical Sector SSGs<\/li>\n<li><a href=\"https:\/\/www.naruc.org\/core-sectors\/critical-infrastructure-and-cybersecurity\/cybersecurity-for-utility-regulators\/cybersecurity-baselines\/\" target=\"_blank\" rel=\"noopener\">Energy Sector<\/a> (Distribution and Distributed Energy Resources) SSGs<\/li>\n<li><a href=\"https:\/\/hhscyber.hhs.gov\/\" target=\"_blank\" rel=\"noopener\">Healthcare SSGs<\/a><\/li>\n<\/ul>\n<p>And, according to CISA, there are two more set to release this year:<\/p>\n<ul>\n<li>Information Technology Sector SSGs<\/li>\n<li>Financial Services Sector SSGs<\/li>\n<\/ul>\n<p>CISA identifies that there are <a href=\"https:\/\/www.cisa.gov\/topics\/critical-infrastructure-security-and-resilience\/critical-infrastructure-sectors\" target=\"_blank\" rel=\"noopener\">16 critical infrastructure sectors<\/a> with unique needs, including:<\/p>\n<ul>\n<li>Chemicals<\/li>\n<li>Commercial Facilities Sector<\/li>\n<li>Communications<\/li>\n<li>Critical Manufacturing<\/li>\n<li>Dams<\/li>\n<li>Defense Industrial Base<\/li>\n<li>Emergency Services<\/li>\n<li>Energy<\/li>\n<li>Financial Services<\/li>\n<li>Food and Agriculture<\/li>\n<li>Government Services and Facilities<\/li>\n<li>Healthcare and Public Health<\/li>\n<li>Information Technology<\/li>\n<li>Nuclear Reactors, Materials, and Waste<\/li>\n<li>Defense Industrial Base<\/li>\n<li>Emergency Services<\/li>\n<\/ul>\n<h2>How Forescout Maps to the NIST Cybersecurity Framework 2.0<\/h2>\n<p style=\"font-weight: 400;\">To maximize the adaptability of the NIST cybersecurity framework across industries and sizes of operations, it is important to align these core capabilities with your organization\u2019s specific threat landscape, risk profile, and business requirements.<\/p>\n<p><strong>Our solutions map to these areas:<\/strong><\/p>\n<ul>\n<li>Cybersecurity maturity assessment<\/li>\n<li>Adaptable risk management<\/li>\n<li>Industry-specific security profiles<\/li>\n<li>Collaborative threat intelligence<\/li>\n<li>Policy management<\/li>\n<li>Assets and systems intelligence<\/li>\n<li>Advanced threat protection and response<\/li>\n<li>Automated Security Operations Centers<\/li>\n<li>Recovery and resilience<\/li>\n<\/ul>\n<div style=\"display: block; margin: 10px; border-top: 1px solid #CCCCCC; border-bottom: 1px solid #CCCCCC; padding: 10px;\">\n<h4>See exactly how the Forescout Platform maps to NIST CSF 2.0<\/h4>\n<p class=\"u-display-flex u-flex-wrap u-gap\"><a href=\"\/ebook-how-to-align-with-the-nist-cybersecurity-framework\/\"  title=\"Get the eBook\" class=\"c-btn c-btn--primary has-icon icon-camera icon-position-right has-icon-animation icon-animation-pulse\"><span class=\"cta-button-text\">Get the eBook<\/span><\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Update: This blog has been updated to include the new CISA Cross-Sector Cybersecurity Performance Goals that are now organized to align with NIST CSF 2.0. Ten years ago, the National Institute of Standards and Technology (NIST)\u00a0released the Cybersecurity Framework (CSF) 1.0\u00a0following an Executive Order from President Obama to help companies and governments facing cybersecurity attacks. [&hellip;]<\/p>\n","protected":false},"author":193,"featured_media":88733,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"ep_exclude_from_search":false,"footnotes":"","_links_to":"","_links_to_target":""},"categories":[562],"tags":[],"coauthors":[811],"class_list":["post-88808","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-views"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>What You Need to Know About the NIST Cybersecurity Framework 2.0<\/title>\n<meta name=\"description\" content=\"See all the important changes in the latest NIST cybersecurity framework 2.0. Access our eBook detailing all the important new updates.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What You Need to Know About the NIST Cybersecurity Framework 2.0\" \/>\n<meta property=\"og:description\" content=\"See all the important changes in the latest NIST cybersecurity framework 2.0. Access our eBook detailing all the important new updates.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/\" \/>\n<meta property=\"og:site_name\" content=\"Forescout\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ForescoutTechnologies\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-19T17:00:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-04-16T14:07:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Massimiliano Mandolini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Forescout\" \/>\n<meta name=\"twitter:site\" content=\"@Forescout\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/\"},\"author\":{\"name\":\"Massimiliano Mandolini\",\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/person\/4ab5205274a55a000dcb1833cc552f5f\"},\"headline\":\"What You Need to Know About the NIST Cybersecurity Framework 2.0\",\"datePublished\":\"2024-11-19T17:00:59+00:00\",\"dateModified\":\"2025-04-16T14:07:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/\"},\"wordCount\":1106,\"publisher\":{\"@id\":\"https:\/\/www.forescout.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp\",\"articleSection\":[\"News &amp; Views\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/\",\"url\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/\",\"name\":\"What You Need to Know About the NIST Cybersecurity Framework 2.0\",\"isPartOf\":{\"@id\":\"https:\/\/www.forescout.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp\",\"datePublished\":\"2024-11-19T17:00:59+00:00\",\"dateModified\":\"2025-04-16T14:07:52+00:00\",\"description\":\"See all the important changes in the latest NIST cybersecurity framework 2.0. Access our eBook detailing all the important new updates.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#primaryimage\",\"url\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp\",\"contentUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp\",\"width\":1200,\"height\":628},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.forescout.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What You Need to Know About the NIST Cybersecurity Framework 2.0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.forescout.com\/#website\",\"url\":\"https:\/\/www.forescout.com\/\",\"name\":\"Forescout\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.forescout.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.forescout.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.forescout.com\/#organization\",\"name\":\"Forescout Technologies, Inc.\",\"url\":\"https:\/\/www.forescout.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg\",\"contentUrl\":\"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg\",\"width\":1,\"height\":1,\"caption\":\"Forescout Technologies, Inc.\"},\"image\":{\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/ForescoutTechnologies\",\"https:\/\/x.com\/Forescout\",\"https:\/\/www.instagram.com\/forescouttechnologies\/\",\"https:\/\/www.linkedin.com\/company\/forescout-technologies\",\"https:\/\/www.youtube.com\/user\/forescout1\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/person\/4ab5205274a55a000dcb1833cc552f5f\",\"name\":\"Massimiliano Mandolini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.forescout.com\/#\/schema\/person\/image\/ba58843d62b0a3f01e8ce8b409c06807\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e90d4386f043af74ddcb4bf92f35088f27ddfa78451286443d74ba8e6c87de47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e90d4386f043af74ddcb4bf92f35088f27ddfa78451286443d74ba8e6c87de47?s=96&d=mm&r=g\",\"caption\":\"Massimiliano Mandolini\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What You Need to Know About the NIST Cybersecurity Framework 2.0","description":"See all the important changes in the latest NIST cybersecurity framework 2.0. Access our eBook detailing all the important new updates.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/","og_locale":"en_US","og_type":"article","og_title":"What You Need to Know About the NIST Cybersecurity Framework 2.0","og_description":"See all the important changes in the latest NIST cybersecurity framework 2.0. Access our eBook detailing all the important new updates.","og_url":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/","og_site_name":"Forescout","article_publisher":"https:\/\/www.facebook.com\/ForescoutTechnologies","article_published_time":"2024-11-19T17:00:59+00:00","article_modified_time":"2025-04-16T14:07:52+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp","type":"image\/webp"}],"author":"Massimiliano Mandolini","twitter_card":"summary_large_image","twitter_creator":"@Forescout","twitter_site":"@Forescout","twitter_misc":{"Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#article","isPartOf":{"@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/"},"author":{"name":"Massimiliano Mandolini","@id":"https:\/\/www.forescout.com\/#\/schema\/person\/4ab5205274a55a000dcb1833cc552f5f"},"headline":"What You Need to Know About the NIST Cybersecurity Framework 2.0","datePublished":"2024-11-19T17:00:59+00:00","dateModified":"2025-04-16T14:07:52+00:00","mainEntityOfPage":{"@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/"},"wordCount":1106,"publisher":{"@id":"https:\/\/www.forescout.com\/#organization"},"image":{"@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp","articleSection":["News &amp; Views"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/","url":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/","name":"What You Need to Know About the NIST Cybersecurity Framework 2.0","isPartOf":{"@id":"https:\/\/www.forescout.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#primaryimage"},"image":{"@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#primaryimage"},"thumbnailUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp","datePublished":"2024-11-19T17:00:59+00:00","dateModified":"2025-04-16T14:07:52+00:00","description":"See all the important changes in the latest NIST cybersecurity framework 2.0. Access our eBook detailing all the important new updates.","breadcrumb":{"@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#primaryimage","url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp","contentUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp","width":1200,"height":628},{"@type":"BreadcrumbList","@id":"https:\/\/www.forescout.com\/blog\/what-you-need-to-know-about-the-nist-cybersecurity-framework-2\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.forescout.com\/"},{"@type":"ListItem","position":2,"name":"What You Need to Know About the NIST Cybersecurity Framework 2.0"}]},{"@type":"WebSite","@id":"https:\/\/www.forescout.com\/#website","url":"https:\/\/www.forescout.com\/","name":"Forescout","description":"","publisher":{"@id":"https:\/\/www.forescout.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.forescout.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.forescout.com\/#organization","name":"Forescout Technologies, Inc.","url":"https:\/\/www.forescout.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg","contentUrl":"https:\/\/www.forescout.com\/wp-content\/uploads\/2019\/01\/forescout-logo.svg","width":1,"height":1,"caption":"Forescout Technologies, Inc."},"image":{"@id":"https:\/\/www.forescout.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ForescoutTechnologies","https:\/\/x.com\/Forescout","https:\/\/www.instagram.com\/forescouttechnologies\/","https:\/\/www.linkedin.com\/company\/forescout-technologies","https:\/\/www.youtube.com\/user\/forescout1"]},{"@type":"Person","@id":"https:\/\/www.forescout.com\/#\/schema\/person\/4ab5205274a55a000dcb1833cc552f5f","name":"Massimiliano Mandolini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.forescout.com\/#\/schema\/person\/image\/ba58843d62b0a3f01e8ce8b409c06807","url":"https:\/\/secure.gravatar.com\/avatar\/e90d4386f043af74ddcb4bf92f35088f27ddfa78451286443d74ba8e6c87de47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e90d4386f043af74ddcb4bf92f35088f27ddfa78451286443d74ba8e6c87de47?s=96&d=mm&r=g","caption":"Massimiliano Mandolini"}}]}},"featured_media_url":"https:\/\/www.forescout.com\/wp-content\/uploads\/2024\/06\/NIST-CSF-2.0-featured-image.webp","is_file":false,"excerpt_manually_set":false,"_links":{"self":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/posts\/88808","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/users\/193"}],"replies":[{"embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/comments?post=88808"}],"version-history":[{"count":0,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/posts\/88808\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/media\/88733"}],"wp:attachment":[{"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/media?parent=88808"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/categories?post=88808"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/tags?post=88808"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.forescout.com\/wp-json\/wp\/v2\/coauthors?post=88808"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}