NIST CSF

The NIST Cybersecurity Framework (CSF) was published in 2018, for the benefit of private and public sector organizations.  It has been widely adopted as a structure for assessing and improving the ability to prevent, detect and respond to cyber incidents.

 

The Framework Core sets out the following recommended cybersecurity functions:

 

  • Identify assets, roles, responsibilities and current risks

  • Protect by adopting appropriate safeguards

  • Detect threats by adopting appropriate measures and solutions

  • Respond to threats with a pre-prepared plan and learn from incidents

  • Recover from any threat with a pre-prepared recovery plan

A Framework Profile represents how these are being applied by an organization, when broken down into smaller categories. Implementation Tiers also help measure how the framework is being applied.

Although implementation is currently voluntary, this framework is based on well-known standards, and represents the current best practices in cyber security. The NIST CSF is the primary risk framework used in the CyGov platform today, and the organizational risk score is created based on this framework using a proprietary weighting and grading algorithm. 

Background footer new.png

Follow Us

Group 9703@2x.png
Group 9705@2x.png

© 2020 by CyGov Tech