There has been a lot of talk about Artificial Intelligence (AI) in recent years. It is certainly a polarizing subject. While it raises hopes about the future of technology and what humanity is capable of, it also raises questions around human control and technological determination. There are those who worry that Artificial Intelligence is going to ‘take people’s jobs’, or even take over the world, and that the world will end up like a dystopian ‘Terminator’ style film.

In a regulatory landscape where new national, vertical, or international regulations are published on what seems like a weekly basis, the European Commission’s NIS2 Directive stands out. This legislation, which applies to all organizations operating across the European Union, has provided legally binding measures which organizations must abide by in order to ‘boost the overall level of cybersecurity in the EU.’

The NIST Cybersecurity Framework is a set of guidelines and best practices designed to help organisations better manage and reduce cybersecurity risk. It stands for the National Institute of Standards and Technology Cybersecurity Framework (CSF). The Framework was developed by NIST, part of the U.S. Department of Commerce, and first published in 2014, following an executive order by then President, Barack Obama which focused on improving the cybersecurity of critical infrastructure in the United States.