Skip to content
Longterm Wiki
Back

Cybersecurity Framework

government
NIST·nist.gov/cyberframework

Credibility Rating

5/5
Gold(5)

Gold standard. Rigorous peer review, high editorial standards, and strong institutional reputation.

Rating inherited from publication venue: NIST

Relevant to AI safety governance discussions as NIST is extending its Cybersecurity Framework to cover AI-specific risks; useful context for understanding regulatory and standards-based approaches to managing AI and cybersecurity risk in organizational settings.

Metadata

Importance: 42/100guidance documentreference

Summary

The NIST Cybersecurity Framework (CSF 2.0) provides structured guidance to help organizations across industry and government understand, manage, and reduce cybersecurity risk. It includes quick-start guides, community profiles, and mappings to other NIST standards, with ongoing extensions into AI cybersecurity and sector-specific applications.

Key Points

  • CSF 2.0 is the current version, offering a flexible framework applicable across industries, government, and other organizations for managing cybersecurity risk.
  • Includes informative references and mappings showing how CSF aligns with other NIST cybersecurity standards like SP 800-53.
  • A dedicated AI Cybersecurity Profile (Cyber AI Profile) is under development, connecting CSF to AI-specific risk management.
  • The framework integrates with Enterprise Risk Management guidance (NIST IR 8286 series), linking cybersecurity risk to broader organizational risk.
  • Community profiles for specific sectors (e.g., transit systems) are being developed as complementary resources.

Cited by 2 pages

PageTypeQuality
Bioweapons Attack Chain ModelAnalysis69.0
Autonomous Cyber Attack TimelineAnalysis63.0

Cached Content Preview

HTTP 200Fetched Mar 15, 20263 KB
Cybersecurity Framework | NIST 
 
 
 
 

 

 
 
 
 Skip to main content
 
 

 
 
 
 
 
 
 
 
 
 
 
 
 Official websites use .gov 
 

 A .gov website belongs to an official government organization in the United States.
 

 
 
 
 
 
 
 Secure .gov websites use HTTPS 
 

 A lock ( 
 
 Lock 
 A locked padlock 
 
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
 

 
 
 
 
 
 
 

 
 
 
 
 https://www.nist.gov/cyberframework

 
 

 

 
 
 
 
 

 

 

 
 
 
 

 
 

 
 

 

 
 
 
 
 
 Cybersecurity Framework

 
 
 
 
 Helping organizations to better understand and improve their management of cybersecurity risk

 

 
 
 
 

 
 
 

 
 
 
 
 
 
 

 

 
 
 
 

 
 
 Connect with us

 
 

 X (Twitter) 
 
 

 

 
 
 
 
 
 
 
 
 
 
 
 CSF 2.0

 For industry, government, and organizations to reduce cybersecurity risks

 Read the Document 

 
 
 

 
 Quick Start Guides

 For users with specific common goals

 View the Quick Start Guides 

 CSF 2.0 Profiles

 Templates and useful resources for creating and using both CSF profiles 

 See the Profiles 

 
 
 

 
 Informative References (Mappings)

 See how NIST's resources overlap and share themes

 See the Mappings 

 

 

 
 
 Videos

 
 
 
 The NIST CSF 2.0 
 
 
 
 
 See more Videos 

 
 
 
 CSF 2.0 Webinar Series: Implementing CSF 2.0—The Why, What, and How 
 
 
 
 
 Latest Updates

 February 24, 2026: Celebrating Two Years of CSF 2.0! View the anniversary blog .
 
 
 
 
 
 

 
 
 
 Celebrating 2 years of CSF 2.0 
 Credit: 
 
 NIST

 
 
 The Transit Cybersecurity Framework Community Profile (NIST Internal Report (IR) 8576) initial public draft is now available for public comment through February 23, 2026.
 On January 14, 2026, the NIST National Cybersecurity Center of Excellence (NCCoE) held a full-day hybrid workshop to discuss the Preliminary Draft of the NIST Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile).
 On December 18, 2025, NIST published three updated NIST IR 8286 publications ( 8286r1 , 8286Ar1 , and 8286Cr1 ) to align more closely with the CSF 2.0 and other updated NIST guidelines. The NIST IR 8286 series helps practitioners understand the critical connection between cybersecurity and Enterprise Risk Management.
 NIST Special Publication (SP) 800-70r5 ipd (Revision 5, initial public draft), National Checklist Program for IT Products – Guidelines for Checklist Users and Developers , is now available for public comment through January 16, 2026, at 11:59 PM. The update includes an appendix with enhanced mapping concepts between checklist settings, NIST Cybersecurity Framework (CSF) 2.0 outcomes, SP 800-53 controls, and Common Configuration Enumeration (CCE) identifiers for evidence-ready automation and reporting.
 See more Latest Updates 

 

 

 
 
 
 
 
 
 
 
 

 
 

 
 
 
 
 

 
 
 

 
 
 
 
 Contacts

 
 

 
 For further information and/or questions about the Cybersecurity Framework

 
 
 
 
 

... (truncated, 3 KB total)
Resource ID: 209a744648b905db | Stable ID: MjdkMDAxN2