{"id":5164,"date":"2023-03-24T14:07:31","date_gmt":"2023-03-24T17:07:31","guid":{"rendered":"https:\/\/base4sec.com\/nao-categorizado\/nist-cybersecurity-framework-v2-0\/"},"modified":"2024-12-12T18:08:42","modified_gmt":"2024-12-12T21:08:42","slug":"nist-cybersecurity-framework-v2-0","status":"publish","type":"post","link":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/","title":{"rendered":"NIST Cybersecurity Framework v2.0"},"content":{"rendered":"<p>Em 2022, o NIST comemorou 50 anos de pesquisa em seguran\u00e7a cibern\u00e9tica, desenvolvendo guias de boas pr\u00e1ticas,padr\u00f5es, guias de privacidade entre outros recursos. Isso tornou poss\u00edvel proteger melhor a tecnologia existente e fornecer uma plataforma para o desenvolvimento seguro de tecnologias futuras.<\/p>\n<p>Dentro desses recursos podemos encontrar o &#8220;Cybersecurity Framework&#8221; (CSF), uma ferramenta muito \u00fatil para reduzir os riscos cibern\u00e9ticos nas organiza\u00e7\u00f5es. O CSF fornece uma linguagem comum e simplificada, adapta-se a muitas tecnologias, fases do ciclo de vida, setores e usos. Tem uma abordagem baseada no risco e est\u00e1 em conformidade com os padr\u00f5es internacionais, o que \u00e9 em parte o que o torna altamente reconhecido em todo o mundo.<\/p>\n<p>O CSF tamb\u00e9m \u00e9 apoiado por m\u00faltiplas perspectivas, inclusive do setor privado e p\u00fablico, e contribui\u00e7\u00f5es da academia, o que de alguma forma garante que uma ampla gama de pontos de vista e necessidades sejam levadas em considera\u00e7\u00e3o. Al\u00e9m disso, ajuda a alinhar os requisitos legais\/regulat\u00f3rios com o gerenciamento de riscos e as prioridades organizacionais. Em suma, ajuda-nos a melhorar a seguran\u00e7a dos sistemas, dados e opera\u00e7\u00f5es em geral.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota-33a.jpg\" \/><\/p>\n<p><span class=\"subtitulo-nota\">Como o CSF v1.1 \u00e9 usado?<\/span><\/p>\n<p>Um processo t\u00edpico de implementa\u00e7\u00e3o dessa estrutura consiste nas seguintes etapas:<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><b>Avalia\u00e7\u00e3o de risco<\/b><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>A organiza\u00e7\u00e3o identifica ativos cr\u00edticos, amea\u00e7as e vulnerabilidades relevantes para suas opera\u00e7\u00f5es.<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><b>Cria\u00e7\u00e3o de um perfil atual<\/b><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>O estado atual das atividades realizadas no campo da ciberseguran\u00e7a (Processos, controles, opera\u00e7\u00f5es) \u00e9 revelado e \u00e9 transformado em um &#8220;perfil atual&#8221;.<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><b>Cria\u00e7\u00e3o de um perfil objetivo<\/b><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>\u00c9 criado um perfil que descreve os objetivos de seguran\u00e7a cibern\u00e9tica.<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><b>Planejamento da melhoria<\/b><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Uma vez identificada a lacuna entre os dois perfis, s\u00e3o estabelecidas prioridades para melhorar a postura de seguran\u00e7a da organiza\u00e7\u00e3o. Um plano de melhoria \u00e9 desenhado de acordo com os objetivos da organiza\u00e7\u00e3o e a avalia\u00e7\u00e3o de risco anterior.<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><b>Implementa\u00e7\u00e3o<\/b><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Se implementa o plano de melhoria, os recursos s\u00e3o atribu\u00eddos e as atividades planejadas s\u00e3o executadas.<\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><b>Monitoramento e melhoria cont\u00ednua<\/b><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>\u00c9 rastreada a postura de seguran\u00e7a, melhorias cont\u00ednuas conforme necess\u00e1rio e processo iterativo.<\/p>\n<p>Este Framework \u00e9 uma ferramenta flex\u00edvel que se adapta \u00e0s necessidades de qualquer organiza\u00e7\u00e3o, independentemente da sua dimens\u00e3o, setor ou complexidade. O processo de implementa\u00e7\u00e3o varia de acordo com a organiza\u00e7\u00e3o, mas os princ\u00edpios da estrutura podem ser aplicados em qualquer contexto para melhorar a postura de seguran\u00e7a.<\/p>\n<p><span class=\"subtitulo-nota\">Vers\u00e3o 2<\/span><\/p>\n<p>O NIST iniciou o processo de atualiza\u00e7\u00e3o do CSF, desde 2018 temos sua vers\u00e3o 1.1. Nesta nova atualiza\u00e7\u00e3o 2.0, o trabalho est\u00e1 sendo feito na evolu\u00e7\u00e3o das amea\u00e7as, mapeando os padr\u00f5es e visando um formato mais simples para permitir que as organiza\u00e7\u00f5es lidem com os riscos.<\/p>\n<p>Nesse processo, novamente, conta ativamente com o feedback das partes interessadas (Comunidade, ind\u00fastria, academia) e buscando opini\u00f5es diversas no processo de atualiza\u00e7\u00e3o.<\/p>\n<p><center><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/port\/nota-33b.jpg\" \/><\/center>&nbsp;<\/p>\n<p><center>Atividades propostas e realizadas no \u00e2mbito da atualiza\u00e7\u00e3o<\/center>&nbsp;<\/p>\n<p>Entre as ideias partilhadas durante o 2\u00ba Workshop e tamb\u00e9m no concept paper da nova vers\u00e3o (publicado\u00a0<a href=\"https:\/\/www.nist.gov\/system\/files\/documents\/2023\/01\/19\/CSF_2.0_Concept_Paper_01-18-23.pdf\">aqui<\/a>\u00a0) estas s\u00e3o algumas das poss\u00edveis mudan\u00e7as na nova vers\u00e3o:<\/p>\n<p><span class=\"subtitulo-nota\">\u2981 Reconhecer explicitamente o amplo uso do CSF<\/span><\/p>\n<p>Sabendo da larga utiliza\u00e7\u00e3o e relev\u00e2ncia que este enquadramento tem tido nos \u00faltimos anos, pretende-se fazer uma mudan\u00e7a de enfoque nas organiza\u00e7\u00f5es a que se dirige. Desde a mudan\u00e7a de titularidade, mudan\u00e7a de \u00e2mbito para n\u00e3o s\u00f3 abranger infraestruturas cr\u00edticas ou um determinado mercado, mas para todo o tipo de organiza\u00e7\u00f5es independentemente da sua tipologia ou dimens\u00e3o.<\/p>\n<p>Da mesma forma, pretende-se aumentar a colabora\u00e7\u00e3o e o compromisso internacional com o quadro.<\/p>\n<p><center><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota-33c.jpg\" \/><\/center><br \/>\n<span class=\"subtitulo-nota\">\u2981 Funciona como um framework, fornecendo contexto e conex\u00f5es com padr\u00f5es e recursos existentes.<\/span><\/p>\n<p>Para a vers\u00e3o 2.0 do CSF, n\u00e3o apenas o n\u00edvel de detalhamento ser\u00e1 mantido, mas tamb\u00e9m a \u00eanfase ser\u00e1 colocada em relacion\u00e1-lo claramente com outros frameworks NIST. As refer\u00eancias ser\u00e3o mantidas entre estas e outras estruturas de seguran\u00e7a cibern\u00e9tica reconhecidas, atualizadas e dispon\u00edveis online.<\/p>\n<p>Como na vers\u00e3o atual, uma \u00eanfase especial ser\u00e1 colocada em manter a tecnologia e o fornecedor neutros, mas refletindo as mudan\u00e7as nas pr\u00e1ticas de seguran\u00e7a cibern\u00e9tica mais reconhecidas.<\/p>\n<p><center><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota-33d.jpg\" \/><\/center>&nbsp;<\/p>\n<p><center><a href=\"https:\/\/csrc.nist.gov\/projects\/olir\/informative-reference-catalog\">https:\/\/csrc.nist.gov\/projects\/olir\/informative-reference-catalog<\/a><\/center><span class=\"subtitulo-nota\">\u2981 Inclui orienta\u00e7\u00f5es atualizadas e ampliadas sobre a implementa\u00e7\u00e3o da estrutura.<\/span><\/p>\n<p>Para apoiar as organiza\u00e7\u00f5es na introdu\u00e7\u00e3o do framework, pretende-se adicionar exemplos de implementa\u00e7\u00e3o para as diferentes subcategorias e do desenvolvimento de modelos de perfil.<\/p>\n<p>A necessidade de melhorar o site do CSF para destacar recursos de implementa\u00e7\u00e3o e facilidade de uso \u00e9 priorizada.<\/p>\n<p><center><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota-33e.jpg\" \/><\/center>&nbsp;<\/p>\n<p><center><a href=\"https:\/\/www.nist.gov\/cyberframework\/getting-started\">https:\/\/www.nist.gov\/cyberframework\/getting-started<\/a><\/center><span class=\"subtitulo-nota\">\u2981 Enfatiza a import\u00e2ncia da governan\u00e7a de seguran\u00e7a cibern\u00e9tica.<\/span><\/p>\n<p>A fim de destacar a import\u00e2ncia das tarefas de gest\u00e3o e governan\u00e7a em torno de todo o processo de implementa\u00e7\u00e3o do framework, prop\u00f5e-se acrescentar uma nova Fun\u00e7\u00e3o de Governan\u00e7a que seja transversal. Espera-se que isso tamb\u00e9m aprimore a discuss\u00e3o sobre a rela\u00e7\u00e3o com a gest\u00e3o de riscos.<\/p>\n<p><center><img decoding=\"async\" src=\"https:\/\/wwww.base4sec.com\/assets\/images\/blog\/nota-33f.jpg\" \/><\/center><br \/>\n<span class=\"subtitulo-nota\">\u2981 Destaca a import\u00e2ncia da \u201cGest\u00e3o de Riscos da Cadeia de Suprimentos\u201d<\/span><\/p>\n<p>Para esta nova vers\u00e3o, pretende-se dar especial enfoque e incorporar especificamente a gest\u00e3o da cadeia de suprimento (Cybersecurity Supply Chain Risk Management ou CSRC), adicionando subcategorias ou categorias completas que a incluam.<\/p>\n<p><span class=\"subtitulo-nota\">\u2981 Avan\u00e7o na compreens\u00e3o da medi\u00e7\u00e3o e avalia\u00e7\u00e3o da seguran\u00e7a cibern\u00e9tica.<\/span><\/p>\n<p>N\u00e3o \u00e9 f\u00e1cil para as organiza\u00e7\u00f5es gerar medi\u00e7\u00f5es claras em torno da seguran\u00e7a cibern\u00e9tica, esta nova vers\u00e3o visa esclarecer como o CSF pode apoiar a medi\u00e7\u00e3o e avalia\u00e7\u00e3o dos programas de seguran\u00e7a cibern\u00e9tica implementados.<\/p>\n<p>Fornecendo exemplos de medi\u00e7\u00e3o e avalia\u00e7\u00f5es, atualizando o NIST Information Security Performance Measurement Guide (publicado\u00a0<a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-55\/rev-2\/draft\">aqui<\/a>). Al\u00e9m de fornecer orienta\u00e7\u00f5es sobre os v\u00e1rios n\u00edveis de Implementa\u00e7\u00e3o do Framework.<\/p>\n<p><span class=\"subtitulo-nota\">Algumas conclus\u00f5es<\/span><br \/>\n\u00c9 claro que a atualiza\u00e7\u00e3o proposta para o Framework de Ciberseguran\u00e7a (CSF) pelo NIST tem como objetivo acompanhar a evolu\u00e7\u00e3o das amea\u00e7as. A prioriza\u00e7\u00e3o da fun\u00e7\u00e3o de governan\u00e7a, a expans\u00e3o da cobertura de gest\u00e3o de riscos da cadeia de suprimentos impulsionada pelo foco not\u00f3rio dos atacantes e a import\u00e2ncia de manter a neutralidade tecnol\u00f3gica e melhorar a rela\u00e7\u00e3o entre o CSF e outros frameworks de ciberseguran\u00e7a foram destacadas.<\/p>\n<p>Essas mudan\u00e7as permitir\u00e3o que organiza\u00e7\u00f5es de diferentes setores, tipos e tamanhos implementem o CSF de maneira mais otimizada e o adaptem \u00e0s suas necessidades espec\u00edficas, aumentando assim a seguran\u00e7a de todo o ecossistema.<\/p>\n<p>&nbsp;<\/p>\n<div class=\"col-lg-4 nota-left d-flex justify-content-between flex-column\">\n<div class=\"referencia-nota\">\n<div class=\"referencias-nota-title\">\n<h5>REFER\u00caNCIAS<\/h5>\n<\/div>\n<div><a href=\"https:\/\/www.nist.gov\/system\/files\/documents\/2023\/01\/19\/CSF_2.0_Concept_Paper_01-18-23.pdf\" target=\"_blank\" rel=\"noopener\">https:\/\/www.nist.gov\/document\/csf-20-concept-paper<\/a><br \/>\n<a href=\"https:\/\/www.nist.gov\/cyberframework\/getting-started\" target=\"_blank\" rel=\"noopener\">https:\/\/www.nist.gov\/cyberframework\/getting-started\u00a0<\/a><a href=\"https:\/\/csrc.nist.gov\/projects\/olir\/informative-reference-catalog\" target=\"_blank\" rel=\"noopener\">https:\/\/csrc.nist.gov\/projects\/olir\/informative-reference-catalog<\/a>\u00a0<a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-55\/rev-2\/draft\" target=\"_blank\" rel=\"noopener\">https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-55\/rev-2\/draft<\/a><\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Em 2022, o NIST comemorou 50 anos de pesquisa em seguran\u00e7a cibern\u00e9tica, desenvolvendo guias de boas pr\u00e1ticas,padr\u00f5es, guias de privacidade entre outros recursos. Isso tornou poss\u00edvel proteger melhor a tecnologia existente e fornecer uma plataforma para o desenvolvimento seguro de tecnologias futuras. Dentro desses recursos podemos encontrar o &#8220;Cybersecurity Framework&#8221; (CSF), uma ferramenta muito \u00fatil [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":4958,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_wpcom_ai_launchpad_first_post":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[260],"tags":[],"class_list":["post-5164","post","type-post","status-publish","format-standard","has-post-thumbnail","category-technical-pt-br"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.9 (Yoast SEO v28.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>NIST Cybersecurity Framework v2.0 - BASE4 Security<\/title>\n<meta name=\"description\" content=\"BASE4 Security, consultora de ciberseguridad con presencia en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Servicios de CyberSOC, Red Team, GRC y Zero Trust.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NIST Cybersecurity Framework v2.0\" \/>\n<meta property=\"og:description\" content=\"An\u00e1lisis t\u00e9cnico y estrategia de ciberseguridad por el equipo de BASE4 Security. Insights sobre CyberSOC, Red Team, GRC y Zero Trust para LATAM y Espa\u00f1a.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/\" \/>\n<meta property=\"og:site_name\" content=\"BASE4 Security\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-24T17:07:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-12-12T21:08:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_33.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"600\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Base4 Security Research\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Base4 Security Research\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/\"},\"author\":{\"name\":\"Base4 Security Research\",\"@id\":\"\\\/#\\\/schema\\\/person\\\/5905e7398728c03dbec3772861bd4f99\"},\"headline\":\"NIST Cybersecurity Framework v2.0\",\"datePublished\":\"2023-03-24T17:07:31+00:00\",\"dateModified\":\"2024-12-12T21:08:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/\"},\"wordCount\":1174,\"commentCount\":0,\"publisher\":{\"@id\":\"\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/blog_33.jpg\",\"articleSection\":[\"Technical\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/\",\"url\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/\",\"name\":\"NIST Cybersecurity Framework v2.0 - BASE4 Security\",\"isPartOf\":{\"@id\":\"\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/blog_33.jpg\",\"datePublished\":\"2023-03-24T17:07:31+00:00\",\"dateModified\":\"2024-12-12T21:08:42+00:00\",\"description\":\"BASE4 Security, consultora de ciberseguridad con presencia en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Servicios de CyberSOC, Red Team, GRC y Zero Trust.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/#primaryimage\",\"url\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/blog_33.jpg\",\"contentUrl\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/12\\\/blog_33.jpg\",\"width\":600,\"height\":600,\"caption\":\"POR: Diego Staino (Cybersecurity Researcher & Trainer)\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/technical-pt-br\\\/nist-cybersecurity-framework-v2-0\\\/2023\\\/03\\\/24\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Inicio\",\"item\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NIST Cybersecurity Framework v2.0\"}]},{\"@type\":\"WebSite\",\"@id\":\"\\\/#website\",\"url\":\"\\\/\",\"name\":\"BASE4 Security\",\"description\":\"Your cyber ally\",\"publisher\":{\"@id\":\"\\\/#organization\"},\"alternateName\":\"B4\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"\\\/#organization\",\"name\":\"BASE4 Security\",\"url\":\"\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/Logo_policromo_negativo.png\",\"contentUrl\":\"https:\\\/\\\/base4sec.com\\\/wp-content\\\/uploads\\\/2024\\\/10\\\/Logo_policromo_negativo.png\",\"width\":372,\"height\":227,\"caption\":\"BASE4 Security\"},\"image\":{\"@id\":\"\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/base4-security\"],\"description\":\"BASE4 Security es una consultora de ciberseguridad B2B con prop\u00f3sito, fundada en Argentina y con operaciones en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Ofrece servicios de CyberSOC, Red Team, GRC, Identity Security, Cloud Security y Application Security para empresas en SOLA y NOLA.\",\"email\":\"info@base4sec.com\",\"telephone\":\"02262653623\",\"legalName\":\"BASE4 Security\",\"foundingDate\":\"2008-01-16\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"51\",\"maxValue\":\"200\"}},{\"@type\":\"Person\",\"@id\":\"\\\/#\\\/schema\\\/person\\\/5905e7398728c03dbec3772861bd4f99\",\"name\":\"Base4 Security Research\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g\",\"caption\":\"Base4 Security Research\"},\"url\":\"https:\\\/\\\/base4sec.com\\\/pt-br\\\/author\\\/cliteplo\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"NIST Cybersecurity Framework v2.0 - BASE4 Security","description":"BASE4 Security, consultora de ciberseguridad con presencia en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Servicios de CyberSOC, Red Team, GRC y Zero Trust.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/","og_locale":"pt_BR","og_type":"article","og_title":"NIST Cybersecurity Framework v2.0","og_description":"An\u00e1lisis t\u00e9cnico y estrategia de ciberseguridad por el equipo de BASE4 Security. Insights sobre CyberSOC, Red Team, GRC y Zero Trust para LATAM y Espa\u00f1a.","og_url":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/","og_site_name":"BASE4 Security","article_published_time":"2023-03-24T17:07:31+00:00","article_modified_time":"2024-12-12T21:08:42+00:00","og_image":[{"width":600,"height":600,"url":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_33.jpg","type":"image\/jpeg"}],"author":"Base4 Security Research","twitter_card":"summary_large_image","twitter_misc":{"Escrito por":"Base4 Security Research","Est. tempo de leitura":"6 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/#article","isPartOf":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/"},"author":{"name":"Base4 Security Research","@id":"\/#\/schema\/person\/5905e7398728c03dbec3772861bd4f99"},"headline":"NIST Cybersecurity Framework v2.0","datePublished":"2023-03-24T17:07:31+00:00","dateModified":"2024-12-12T21:08:42+00:00","mainEntityOfPage":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/"},"wordCount":1174,"commentCount":0,"publisher":{"@id":"\/#organization"},"image":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/#primaryimage"},"thumbnailUrl":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_33.jpg","articleSection":["Technical"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/","url":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/","name":"NIST Cybersecurity Framework v2.0 - BASE4 Security","isPartOf":{"@id":"\/#website"},"primaryImageOfPage":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/#primaryimage"},"image":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/#primaryimage"},"thumbnailUrl":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_33.jpg","datePublished":"2023-03-24T17:07:31+00:00","dateModified":"2024-12-12T21:08:42+00:00","description":"BASE4 Security, consultora de ciberseguridad con presencia en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Servicios de CyberSOC, Red Team, GRC y Zero Trust.","breadcrumb":{"@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/#primaryimage","url":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_33.jpg","contentUrl":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_33.jpg","width":600,"height":600,"caption":"POR: Diego Staino (Cybersecurity Researcher & Trainer)"},{"@type":"BreadcrumbList","@id":"https:\/\/base4sec.com\/pt-br\/technical-pt-br\/nist-cybersecurity-framework-v2-0\/2023\/03\/24\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Inicio","item":"https:\/\/base4sec.com\/pt-br\/"},{"@type":"ListItem","position":2,"name":"NIST Cybersecurity Framework v2.0"}]},{"@type":"WebSite","@id":"\/#website","url":"\/","name":"BASE4 Security","description":"Your cyber ally","publisher":{"@id":"\/#organization"},"alternateName":"B4","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"\/#organization","name":"BASE4 Security","url":"\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"\/#\/schema\/logo\/image\/","url":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/10\/Logo_policromo_negativo.png","contentUrl":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/10\/Logo_policromo_negativo.png","width":372,"height":227,"caption":"BASE4 Security"},"image":{"@id":"\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/base4-security"],"description":"BASE4 Security es una consultora de ciberseguridad B2B con prop\u00f3sito, fundada en Argentina y con operaciones en Argentina, Chile, Per\u00fa, Colombia, M\u00e9xico y Espa\u00f1a. Ofrece servicios de CyberSOC, Red Team, GRC, Identity Security, Cloud Security y Application Security para empresas en SOLA y NOLA.","email":"info@base4sec.com","telephone":"02262653623","legalName":"BASE4 Security","foundingDate":"2008-01-16","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"51","maxValue":"200"}},{"@type":"Person","@id":"\/#\/schema\/person\/5905e7398728c03dbec3772861bd4f99","name":"Base4 Security Research","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2fd8bd108b76c23a0df95f08c42f3f8653e30a2562d252777bc2a74096d212e4?s=96&d=mm&r=g","caption":"Base4 Security Research"},"url":"https:\/\/base4sec.com\/pt-br\/author\/cliteplo\/"}]}},"jetpack_featured_media_url":"https:\/\/base4sec.com\/wp-content\/uploads\/2024\/12\/blog_33.jpg","_links":{"self":[{"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/posts\/5164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/comments?post=5164"}],"version-history":[{"count":1,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/posts\/5164\/revisions"}],"predecessor-version":[{"id":5254,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/posts\/5164\/revisions\/5254"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/media\/4958"}],"wp:attachment":[{"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/media?parent=5164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/categories?post=5164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/base4sec.com\/pt-br\/wp-json\/wp\/v2\/tags?post=5164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}