Changeflow GovPing Security Framework NIST Cybersecurity Framework 2.0 Profiles and R...
Routine Guidance Added Final

NIST Cybersecurity Framework 2.0 Profiles and Resources

Favicon for www.nist.gov NIST Cybersecurity Framework Updates
Detected March 13th, 2026
Email

Summary

The National Institute of Standards and Technology (NIST) has released updated resources for its Cybersecurity Framework (CSF) 2.0, including organizational profile templates and community profiles. These resources aim to help organizations assess and improve their cybersecurity posture.

View original document View source feed page

What changed

NIST has made available new and updated resources related to the Cybersecurity Framework (CSF) 2.0. This includes a customizable organizational profile template in spreadsheet format, designed to assist organizations in creating and comparing their current and target cybersecurity profiles to identify gaps. Additionally, NIST highlights community profiles, which are baseline CSF outcomes developed to address shared interests among multiple organizations, and provides links to various active and finalized community profile projects across different sectors.

These resources are intended to guide organizations in implementing and refining their cybersecurity strategies using the CSF 2.0. While the framework itself is non-binding, the availability of these templates and examples offers practical tools for entities seeking to enhance their cybersecurity risk management. No specific compliance deadlines or penalties are associated with these guidance materials, but they are valuable for entities looking to adopt or improve their adherence to cybersecurity best practices.

What to do next

  1. Review the NIST CSF 2.0 Organizational Profile template for potential use in assessing current and target cybersecurity states.
  2. Explore available CSF 2.0 Community Profiles to identify sector-specific or shared interest baselines.
  3. Consult the provided quick start guides and community profile templates for implementation assistance.

Source document (simplified)

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Framework

Connect with us

X (Twitter)

CSF 2.0 Profiles

Share

Facebook Linkedin X.com Email

CSF 2.0 Organizational Profiles

NIST provides a customizable CSF Organizational Profile template as a spreadsheet. You can download and use it to create Current and Target Profiles for your organization. The template facilitates side-by-side comparison of Current and Target Profiles to identify and analyze gaps. For more information on how to complete this template please visit the quick start guide.

Access Profile Template | XLSX

CSF 2.0 Community Profiles

A Community Profile ** is a baseline of CSF outcomes that is created and published to address shared interests and goals among a number of organizations. For more information on how to create a Community Profile, view the CSF 2.0 Guide to Creating Community Profiles and the draft Community Profile Template (XLSX).

View All CSF 2.0 Community Profiles

CSF 2.0 Community Profiles

Active Community Profile Projects:

Finalized Community Profile Projects:

Resources for Applying NIST Frameworks

The NIST National Cybersecurity Center of Excellence (NCCoE) plays a significant role in helping communities implement NIST Frameworks. This collection of resources serves as a repository of guidance for creating Community Profiles and additional materials to support applying NIST Frameworks. Visit to Learn More

Created February 20, 2024, Updated February 19, 2026

Was this page helpful?

Related changes

Favicon for sam.gov SAM.gov Entity Exclusions Unavailable Due to Maintenance
Routine Mar 14, 2026 SAM.gov Entity Exclusions (Debarments & Suspensions) Trade Procurement
Favicon for sam.gov SAM.gov Entity Registration and Exclusions Unavailable
Routine Mar 14, 2026 SAM.gov Entity Exclusions (Debarments & Suspensions) Trade Procurement
Favicon for sam.gov SAM.gov Entity Exclusions Unavailable During Maintenance
Routine Mar 14, 2026 SAM.gov Entity Exclusions (Debarments & Suspensions) Trade Procurement
Favicon for wid.cert-bund.de CPython Vulnerabilities Allow Remote Code Execution
Priority review Mar 13, 2026 CERT-Bund Security Advisories Vulnerability Alerts
Favicon for wid.cert-bund.de Vim Vulnerability Allows Code Execution (CVSS 6.6)
Priority review Mar 13, 2026 CERT-Bund Security Advisories Vulnerability Alerts
Favicon for wid.cert-bund.de FreeRDP Vulnerabilities - Remote Code Execution
Priority review Mar 13, 2026 CERT-Bund Security Advisories Vulnerability Alerts

Source

Favicon for www.nist.gov
NIST Cybersecurity Framework Updates nist.gov/cyberframework
Security Framework
Analysis generated by AI. Source diff and links are from the original.

Classification

Agency
Various Federal Agencies
Instrument
Guidance
Legal weight
Non-binding
Stage
Final
Change scope
Minor

Who this affects

Applies to
Technology companies Manufacturers Energy companies
Geographic scope
National (US)

Taxonomy

Primary area
Cybersecurity
Operational domain
Compliance
Topics
Information Security Risk Management

Browse Categories

Federal Courts 26 State Courts 91 Securities Regulation 6 Financial Regulation 43 Consumer Protection 5 Drug Safety 45 Data Protection 21 Competition 2 Attorneys General 3 Insurance Regulation 5 Trade & Export 36 Legislation 42 Energy Regulation 13 Environment 3 Labor & Employment 2 Tax 1

Get Security Framework alerts

Weekly digest. AI-summarized, no noise.

Free. Unsubscribe anytime.

Get alerts for this source

We'll email you when NIST Cybersecurity Framework Updates publishes new changes.

Free. Unsubscribe anytime.