NIST releases Risk Management Framework 2.0 to combine privacy, security and supply chain into one

The National Institute of Standards and Technology has released an update to its Risk Management Framework (RMF). RMF 2.0 is the first framework to address security, privacy, and supply chain risk in an integrated manner, and includes a new step called Prepare. The objective of Prepare is to facilitate communication between executives and employees, identify security controls, reduce complexity, prioritize resources, and protect high-value assets.