Cybersecurity Framework 2.0 – Now Released

The National Institute of Standards and Technology (NIST) today rolled out its Cybersecurity Framework (CSF) 2.0 – an update ten years in the making following the agency’s groundbreaking initial version of the cyber framework that has shaped security thinking across the private and public sectors in enduring ways. While the framework has always been positioned as a set of voluntary guidelines – and remains so – it has also become something of a de facto standard and starting point in many conversations that later morph into critical security decisions. “The CSF has been a vital tool for many organizations, helping them anticipate and deal with cybersecurity threats,” NIST Director Laurie Locascio said in a Feb. 26 press release. To read more, click here.

Defense Federal Acquisition Regulation Supplement: DFARS Buy American Act Requirements (DFARS Case 2022-D019)

DoD is issuing a final rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to implement an Executive order addressing domestic preferences in DoD procurement.  The revisions to the DFARS in this final rule supplement the FAR final rule published in the Federal Register at 87 FR 12780 on March 7, 2022, with the required conforming changes for the DoD-unique requirements. Four respondents submitted public comments in response to the proposed rule. To read more, click here.