I just got a form type email from NIST announcing that they are extending the comment period on their latest Cybersecurity Framework (CSF) request for information (RFI) until February 23rd. The original deadline had been today.
As I have been mentioning in my weekly updates on the comments received, there has been a particularly inadequate response to the RFI. I’m assuming that that is at least part of the reason for the comment extension. I would also assume that NIST had specifically received requests for an extension, probably citing the Christmas holidays as a reason for the low response rate.
According to the email, NIST will be publishing a notice in Friday’s Federal Register officially announcing the extension of the comment deadline.