NIST Releases Draft Update to Cybersecurity Framework for Manufacturers

NIST Releases Draft Update to Cybersecurity Framework for Manufacturers

The US National Institute of Standards and Technology (NIST) has published the initial public draft of NIST Interagency Report (IR) 8183 Revision 2, titled Cybersecurity Framework 2.0 Manufacturing Profile. The draft is open for public comment until 17 November 2025.

The updated Manufacturing Profile provides a voluntary, risk-based approach to help manufacturers strengthen their cybersecurity practices. It is designed to complement existing standards and guidelines rather than replace them. The framework aligns cybersecurity measures with manufacturing sector goals and offers a roadmap for managing cyber risks to industrial systems.

This revision updates the document to align with Cybersecurity Framework (CSF) 2.0, including new guidance on the ‘Govern’ function, as well as revised categories and subcategories – now 22 and 106, respectively, down from 23 and 108 in version 1.1. It also adds sections on supply chain risk management, platform security, and technology infrastructure resilience.

Why does it matter?

The Manufacturing Profile is intended for manufacturers of all sizes, cybersecurity professionals, compliance officers, and risk managers. NIST encourages stakeholders to review the draft and submit feedback before the consultation period closes.

Civil Society Alliances for Digital Empowerment (CADE) is a project co-funded by the European Union.

Civil Society Alliances for Digital Empowerment (CADE) 2024. All rights reserved.

This website is co-funded by the European Union. Its contents are the sole responsibility of CADE and do not necessarily reflect the views of the European Union.

Web accessibility | Privacy policy

Go to Top