Brian Greenberg Apr 4, 2025

🚨 New from NIST: SP 800-61 Rev. 3 brings a major shift in incident response strategy.

Key upgrades include:
γƒ»πŸ” Alignment with the updated Cybersecurity Framework (CSF 2.0)
γƒ»πŸ›‘οΈ Emphasis on governance, continuous improvement, and real-world procedures
γƒ»πŸ“‹ Clearer roles, responsibilities, and escalation protocols
γƒ»πŸ” A flexible incident response lifecycle modelβ€”fit for modern threats
γƒ»πŸ“š Encourages tailored policies, playbooks, and training

The updated guidance moves beyond static checklists, offering a holistic view of incident handling that ties into risk management and organizational resilience.

Full details here: https://industrialcyber.co/nist/nist-publishes-sp-800-61-rev-3-overhauling-incident-response-guidance-for-csf-2-0/

#Cybersecurity #NIST #CSF2 #IncidentResponse #RiskManagement #Governance #OperationalResilience #Infosec

NIST publishes SP 800-61 Rev. 3, overhauling incident response guidance for CSF 2.0

NIST announces the publication of SP 800-61 Rev. 3, overhauling incident response guidance for CSF 2.0 framework.

Industrial Cyber
Gabriel NOct 21, 2023

I was looking at the NIST CSF 2.0 draft wondering why there was so little comments for such an important document ... only 26?

But then I saw that there has indeed been quite a few comments at earlier opportunitues (during the concept paper etc). And it seems to include comments from most of the big organisations.

But it still seems like such an important document would and should have more comments. I mean a viral infosec thread on any social media probably has a magnitude more comments...

#csf2 #nist

https://csrc.nist.gov/pubs/cswp/29/the-nist-cybersecurity-framework-20/ipd

The NIST Cybersecurity Framework 2.0 (Draft)

The NIST Cybersecurity Framework 2.0 provides guidance to industry, government agencies, and other organizations to reduce cybersecurity risks. It offers a taxonomy of high-level cybersecurity outcomes that can be used by any organization β€” regardless of its size, sector, or maturity β€” to better understand, assess, prioritize, and communicate its cybersecurity efforts. The Framework does not prescribe how outcomes should be achieved. Rather, it maps to resources that provide additional guidance on practices and controls that could be used to achieve those outcomes. This document explains Cybersecurity Framework 2.0 and its components and describes some of the many ways that it can be used.

CSRC | NIST
CyberEd Aug 8, 2023
From the #csf2 draft, a recognition that #cybersecurity is not all about saying "No!." It is also about saying "Yes, and here's how!"
O'Sullivan LabMar 16, 2023

We have recently found that #NK cell effector function is sexually dimorphic. How? Female NK cells in mice and human express higher levels of the epigenetic regulator #UTX, which escapes X-linked inactivation. UTX regulates the chromatin accessibility of #IFNg and #Csf2, making female NK cells more potent in response to #cytokines and #viral infection.

https://www.nature.com/articles/s41590-023-01463-8

The X-linked epigenetic regulator UTX controls NK cell-intrinsic sex differences - Nature Immunology

Cheng et al. demonstrate that an extra copy of the X-linked epigenetic regulator UTX in females increases natural killer (NK) cell effector function. As NK cells are critical for antiviral immunity, this may explain decreased severity of viral infections in females compared to males.

Nature