Clifton, New Jersey, April 10, 2024 /PRNewswire/ — Today, the Cybersecurity Coalition for Education and Advisory Board is pleased to announce the following features are available immediately.
- Cybersecurity Rubric 2.0
- Updated training on Cybersecurity Rubric 2.0
- We have updated training for Certified Cybersecurity Rubric Evaluators (CCRE) related to Cybersecurity Rubric 2.0.
Cybersecurity Framework 2.0 updates
background
A Cybersecurity Rubric Self-Assessment Toolkit and associated training have been created and released. April 2023. These resources are based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) v1.1, released in 2018.
After months of public comment and improvements, the National Institute of Standards and Technology (NIST) has released the Cybersecurity Framework 2.0 (CSF 2.0). February 26, 2024. This update clarifies some of the existing His CSF categories and adds new Governance categories to the framework. Through this update, CSF 2.0 better connects organizational leadership and cybersecurity risk management. This is an essential change as cybersecurity continues to be a concern at cabinet level and boardrooms.
The Cybersecurity Coalition for Education contributed to the development of these CSF 2.0 improvements and immediately incorporated them into our work and resources.
What's new in CSF 2.0?
There are two main changes from v1.1 to v2.0.
Change 1: Addition of governance function
NIST organizes its cybersecurity framework into a hierarchy of “capabilities” and “categories.” CSF v1.1 had five functions: identify, protect, detect, respond, and recover. CSF v2.0 added his sixth feature called “Govern”. This is intended to affect all other functionality.
We believe the addition of governance capabilities fits well with the reality of increased interest and investment by senior leaders in building a strong cybersecurity culture from the top down.
Function definition
- Governance: Establish and monitor your organization's cybersecurity risk management strategy, expectations, and policies.
- Identify: Determine the current cybersecurity risks to your organization.
- protect: Implement safeguards to prevent or reduce cybersecurity risks.
- To detect: Identify and analyze potential cybersecurity attacks and breaches.
- respond: Describes actions taken regarding detected cybersecurity incidents.
- Recover: Address the recovery of assets and operations affected by cybersecurity incidents.
Change #2: Changes to some categories
When placed side by side, you can clearly see the addition of the Govern feature, but you'll also notice that several other categories have changed slightly as well. These changes reflect his NIST goal of making CSF more easily adopted by the broader community of leaders and industry.
We support these improvements and feel they will make CSF 2.0 an even better framework for K-12 organizations. This is because the concepts behind the categories are now more widely understood.
New features in Cybersecurity Rubric 2.0
The Advisory Council and the Coalition's instructional design team have worked closely together and are pleased to release all new versions below.
- Cybersecurity Rubric 2.0: (all three editions: Google Sheets, Excel, PDF)
- Updated with new governance features and changes for all categories
- On-demand Cybersecurity Rubric 2.0 Training Modules
- New Q&A scoring guide to help self-evaluators complete the rubric
- This resource helps professionals more accurately evaluate organizations with rubrics.
All of these resources continue to be freely available to schools around the world.
New features of Certified Cybersecurity Rubric Evaluator (CCRE)
The Advisory Council and the Coalition's instructional design team have worked closely together and are excited to release all new versions below.
- On-demand Certified Cybersecurity Rubric Evaluator (CCRE) training modules and certifications
discount code for $99 CCRE training courses and certification exams continue to be available to professionals around the world.
Existing CCREs can take the latest on-demand CCRE training on Cybersecurity Rubric 2.0 for free.
Certifications are valid for two years from issuance, so existing CCREs do not need to recertify with the updated Cybersecurity Rubric 2.0.
Visit Cybersecurity Rubric 2.0 now
Ready to see the latest version of the Cybersecurity Rubric? Visit cybersecurityrubric.org/use-the-rubric.
About the Cybersecurity Coalition for Education
ClassLink, ENA by Zayo, and SecurityStudio founded the Cybersecurity Coalition for Education to create a more accessible and effective approach to cybersecurity preparedness and training for schools. The coalition pioneered the Cybersecurity Rubric (CR) for Education, a groundbreaking approach to measuring and improving cybersecurity readiness. In addition to the rubric, the coalition offers training and certification aimed at guiding schools toward cybersecurity readiness. For more information, please visit cybersecurityrubric.org.
Related Links
cybersecurityrubric.org
Source Cybersecurity Coalition for Education
