By Marcos Colón

January 26, 2017

A draft update has been issued to the Framework for Improving Critical Infrastructure Cybersecurity by the National institute of Standards and Technology (NIST).

The changes to the cybersecurity framework arms security professionals with new details on managing cyber supply chain risks, clarifies key terms within the document and provides best practices related to measurement methods for cybersecurity, according to a NIST release.

“We wrote this update to refine and enhance the original document and to make it easier to use,” said Matt Barrett, NIST’s program manager for the Cybersecurity Framework. “This update is fully compatible with the original framework, and the framework remains voluntary and flexible to adaptation.”

In this updated version, the authors of the framework developed a vocabulary to assist users in applying the framework, making it easier for organizations to clearly understand the scope of their cybersecurity needs.