[フレーム]
You are viewing this page in an unauthorized frame window.

This is a potential security issue, you are being redirected to https://csrc.nist.gov.

You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Publications

NIST SP 1331 (Initial Public Draft)

Quick-Start Guide for Using CSF 2.0 to Improve Management of Emerging Cybersecurity Risks

Documentation Topics

Date Published: August 21, 2025
Comments Due: September 21, 2025 (public comment period is CLOSED)
Email Questions to: [email protected]

Author(s)

Stephen Quinn (NIST), Matthew Barrett (CyberESI Consulting Group), Robert Gardner (New World Technology Partners), Kelly Hood (Optic Cyber Solutions), Matthew Smith (Seemless Transition LLC)

Announcement

This initial public draft highlights the topic of emerging cybersecurity risks and explains how organizations can improve their ability to address such risks through existing practices within the cyber risk discipline in conjunction with the NIST Cybersecurity Framework (CSF) 2.0. The guide also emphasizes the importance of integrating these practices with organizational enterprise risk management (ERM) to proactively address emerging risks before they occur.

The comment periodis open through September 21, 2025, at 11:59 PM. Please send your feedback about this draft publication to [email protected].

This publication is the most recent in a portfolio of CSF 2.0 Quick-Start Guides released since February 26, 2024. These resources provide different audiences with tailored pathways into the CSF 2.0 and make the Framework easier to put into action.

View all of the CSF 2.0 quick start guides.

Abstract

This Quick-Start Guide introduces the topic of emerging cybersecurity risks and illustrates how organizations can improve their ability to address such risks through existing practices within the NIST Cybersecurity Framework (CSF) 2.0. The guide also emphasizes the importance of integrating these practices within the organization’s enterprise risk management (ERM) program.

This Quick-Start Guide introduces the topic of emerging cybersecurity risks and illustrates how organizations can improve their ability to address such risks through existing practices within the NIST Cybersecurity Framework (CSF) 2.0. The guide also emphasizes the importance of integrating these... See full abstract

This Quick-Start Guide introduces the topic of emerging cybersecurity risks and illustrates how organizations can improve their ability to address such risks through existing practices within the NIST Cybersecurity Framework (CSF) 2.0. The guide also emphasizes the importance of integrating these practices within the organization’s enterprise risk management (ERM) program.


Hide full abstract

Keywords

Cybersecurity Framework (CSF); cybersecurity risk; emerging risk; enterprise risk management (ERM); systems of systems
Control Families

None selected

Documentation

Publication:
https://doi.org/10.6028/NIST.SP.1331.ipd
Download URL

Supplemental Material:
None available

Document History:
08/21/25: SP 1331 (Draft)

Topics

Security and Privacy

risk management

Applications

cybersecurity framework, enterprise

Activities and Products

quick-start guides

AltStyle によって変換されたページ (->オリジナル) /