The National Institute of Standards and Technology (NIST) has released the second draft of a proposed update to the national Cybersecurity Framework of 2014. The draft document contains important changes to some existing guidelines, especially around self-assessment of cybersecurity risk. NIST will make draft 2 of the Framework open for public comment through close of day January 19, 2018 and will likely go live with the changes shortly after. The new version clarifies some of the language around cybersecurity measurement and provides more guidance on managing cybersecurity within the supply chain.”]
Source: https://www.darkreading.com/cloud/nist-releases-new-cybersecurity-framework-draft