Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Manufacturing Profile for Cybersecurity Framework Version 1.1: NIST Releases Draft NISTIR 8183 Rev. 1 for Comment
March 04, 2020

A draft revision of NISTIR 8183, the Cybersecurity Framework (CSF) Manufacturing Profile, has been developed that includes the subcategory enhancements established in NIST's Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1. These updates include managing cybersecurity within the supply chain, self-assessing cybersecurity risk, vulnerability disclosure, system integrity, and more comprehensive controls for identity management. Additional changes include updating language to change references from "security levels" to "impact levels."

The Manufacturing Profile was developed for manufacturers managing cybersecurity risk and is aligned with manufacturing sector goals and industry best practices. The Manufacturing Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cyber risk to manufacturing systems. The Manufacturing Profile is meant to enhance but not replace current cybersecurity standards and industry guidelines that the manufacturer is embracing.

The public comment period for this document ends May 4, 2020. See the publication details for a copy of the document and instructions for submitting comments.

 

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Topics

Security and Privacy: security controls,

Applications: cybersecurity framework, industrial control systems,

Technologies: networks,

Sectors: manufacturing,

Created March 04, 2020