Skip to the main content.
Client Portal
Client Portal

blog-img-4

Managed IT Services

Responsive and innovative managed IT services to support your business and drive growth.

Learn More

 

IT Services

Responsive technical services to support your business and drive growth.

Cyber Security Services

Industry leading security services to protect your company, data, and employees. 

Professional Services

Leverage our team's deep experience to drive key business outcomes and transform your business.

Productivity

Supercharge your productivity and drive collaboration for employees, clients, and vendors.

Infrastructure

High performance cloud and network solutions to accelerate your business.

Cyber Security

Industry leading security solutions to protect your company, data, and employees.

Digital Transformation

Embrace the modern cloud workplace and accelerate your business.

nav-img-0002

Events

Join our team for our insightful
online and in-person events.

Resource Library

Dive into our growing content library and learn how we partner with clients to achieve success.

Industries

Learn how we partner with clients in key verticals to solve challenges and drive growth.

Quest logo

Request support, track orders, and access self-help on our advanced online platform.

Client Portal

cus-img

Chat with a Solutions Specialist to learn about our IT services and solutions.

Get Started

Contact Us

Connect

The NIST CSF Version 2.0 is coming in 2024

Aug 31, 2023 James Reichle Blog 1 min read

 
The NIST CSF Version 2.0 is coming in 2024

The NIST Cybersecurity Framework (NIST CSF) is a freely available, widely applicable set of recommendations and guidelines created by the National Institute of Standards and Technology to assist organizations in securing themselves from threats to their information security. Originally published in 2014, the framework has received numerous updates, and in early 2024, the official second version of the framework, version 2.0, will be released.  

 Currently, the NIST CSF covers five core functions of any mature cybersecurity program:  

 Identify – Fully understand and document the organization and its assets, people, processes, objectives, etc.  

 Protect – Implement controls to protect everything documented in the Identify step.  

 Detect – Implement systems for detecting threats to everything documented in the Identify step.  

 Respond – Implement policies, procedures, plans, and guidelines for responding to detected threats.  

 Recover – Implement policies, procedures, plans, and guidelines for recovering from detected threats.  

 The core purpose of the five functions is to accurately inventory the organization and implement ways to protect its systems from threats, with each system being protected according to its relative criticality to the organization.  

 With the upcoming release of the NIST CSF version 2.0, a new function is being added to the framework: Govern. The Govern function will require organizations to perform increased due diligence, risk management, role delegation, and more. Organizations will need to develop teams and procedures for determining the risk of third-party partners, suppliers, vendors, etc., and these risk assessment efforts must be formally documented. Risk management must be prioritized according to how critical the relationship with each third-party is determined to be.  

 Third-party governance can be a time consuming and complex task, particularly in larger organizations. As part of our compliance and risk management services, Sourcepass can act as a liaison between your organization and your third parties. We will assist you in documenting your third-party relationships, assign a criticality ranking to them, and reach out to them on your behalf to perform due diligence reviews, all of which is formally documented and tracked in a private portal which you can access at any time.  

James Reichle is the Sourcepass Senior Cyber Risk Advisor. Reach out to James at (877) 678-8080. 

Popular Posts