NIST 2.0 Demands Strategic Reset, Not a Compliance Patch


Branko Ninkovic on Why Risk Alignment Must Replace Checkbox Compliance

Suparna Goswami (gsuparna) • March 27, 2025

Organizations must stop retrofitting old security practices and instead embrace a fresh, risk-aligned approach as they shift from the NIST 1.1 to the NIST 2.0 cybersecurity framework, said Branko Ninkovic, board member of the Australian Information Security Association.

The shift goes beyond a technical upgrade; it redefines how organizations should think about cybersecurity maturity and strategic alignment.

"With the introduction of [NIST] 2.0, people are just kind of looking at, 'Is this a gap-filling assessment or assignment?'" Ninkovic said. "But [NIST] 2.0 is a strategic shift away from that sort of compliance checkbox ticking, and more toward risk alignment and risk-based approach around governance, risk management and business integration."

Under the new framework, businesses need ...


Copyright of this story solely belongs to bankinfosecurity.