Quick-Start Guide for Using CSF 2.0 to Improve Management of Emerging Cybersecurity Risks

Date Published: August 21, 2025
Comments Due: September 21, 2025 (public comment period is CLOSED)
Email Questions to: [email protected]

Author(s)

Stephen Quinn (NIST), Matthew Barrett (CyberESI Consulting Group), Robert Gardner (New World Technology Partners), Kelly Hood (Optic Cyber Solutions), Matthew Smith (Seemless Transition LLC)

Announcement

This initial public draft highlights the topic of emerging cybersecurity risks and explains how organizations can improve their ability to address such risks through existing practices within the cyber risk discipline in conjunction with the NIST Cybersecurity Framework (CSF) 2.0. The guide also emphasizes the importance of integrating these practices with organizational enterprise risk management (ERM) to proactively address emerging risks before they occur.

The comment period is open through September 21, 2025, at 11:59 PM. Please send your feedback about this draft publication to [email protected].

This publication is the most recent in a portfolio of CSF 2.0 Quick-Start Guides released since February 26, 2024. These resources provide different audiences with tailored pathways into the CSF 2.0 and make the Framework easier to put into action.

View all of the CSF 2.0 quick start guides. 

Control Families

None selected