Skip to the main content.

blog-img-4

Managed IT Services

Responsive and innovative managed IT services to support your business and drive growth.

Learn More

 

IT Services

Responsive technical services to support your business and drive growth.

Professional Services

Leverage our team's deep experience to drive key business outcomes and transform your business.

Productivity

Supercharge your productivity and drive collaboration for employees, clients, and vendors.

Infrastructure

High performance cloud and network solutions to accelerate your business.

nav-img-0002

Events

Join our team for our insightful
online and in-person events.

Resource Library

Dive into our growing content library and learn how we partner with clients to achieve success.

Industries

Learn how we partner with clients in key verticals to solve challenges and drive growth.

Quest logo

Request support, track orders, and access self-help on our advanced online platform.

Client Portal

cus-img

Chat with a Solutions Specialist to learn about our IT services and solutions.

Get Started

The NIST CSF Version 2.0 is Coming in 2024

 
The NIST CSF Version 2.0 is Coming in 2024

The NIST Cybersecurity Framework (NIST CSF) is a freely available, widely applicable set of recommendations and guidelines created by the National Institute of Standards and Technology to assist organizations in securing themselves from threats to their information security. Originally published in 2014, the framework has received numerous updates, and in early 2024, the official second version of the framework, version 2.0, will be released.  

Currently, the NIST CSF covers five core functions of any mature cybersecurity program:  

  •  Identify – Fully understand and document the organization and its assets, people, processes, objectives, etc.  
  •  Protect – Implement controls to protect everything documented in the Identify step.  
  •  Detect – Implement systems for detecting threats to everything documented in the Identify step.  
  •  Respond – Implement policies, procedures, plans, and guidelines for responding to detected threats.  
  •  Recover – Implement policies, procedures, plans, and guidelines for recovering from detected threats.  

The core purpose of the five functions is to accurately inventory the organization and implement ways to protect its systems from threats, with each system being protected according to its relative criticality to the organization.  

A New Function: Govern

With the upcoming release of the NIST CSF version 2.0, a new function is being added to the framework: Govern. The Govern function will require organizations to perform increased due diligence, risk management, role delegation, and more.

Organizations will need to develop teams and procedures for determining the risk of third-party partners, suppliers, vendors, etc., and these risk assessment efforts must be formally documented. Risk management must be prioritized according to how critical the relationship with each third-party is determined to be.  

Sourcepass is Here to Assist

Third-party governance can be a time consuming and complex task, particularly in larger organizations. As part of our compliance and risk management services, Sourcepass can act as a liaison between your organization and your third parties. We will assist you in documenting your third-party relationships, assign a criticality ranking to them, and reach out to them on your behalf to perform due diligence reviews, all of which is formally documented and tracked in a private portal which you can access at any time.  

James Reichle is the Sourcepass Senior Cyber Risk Advisor. Reach out to James at (877) 678-8080.