How you can Comply with the NIST Cybersecurity Framework (2024)

Blog

Update July 9, 2024: In 2024, the standard’s body has updated the framework. Here’s what you need to know about NIST CSF 2.0.

See Also
What Are the 5 Controls of Cyber Essentials? - Creative Networks

The NIST Framework for Improving Critical Infrastructure Cybersecurity, commonly referred to as the NIST Cybersecurity Framework (CSF), provides private sector organizations with a structure for assessing and improving their ability to prevent, detect and respond to cyber incidents. Version 1.1 was published by the US National Institute of Standards and Technology (NIST) in April 2018 and has seen fast adoption across various industries.

The Framework uses business drivers to guide cybersecurity activities and considers cybersecurity as part of an organization’s risk management processes. Many organizations are embracing this framework to help manage their cybersecurity risks. According to the 2019 SANS OT/ICS Cybersecurity Survey the NIST CSF is the number one framework in use today. How does your organization plan to use or expand your compliance with the NIST CSF in 2020? Let’s dissect this popular framework and share how you can comply.

The 3 Parts of the Framework

  1. Framework Core
    The framework core is a set of cybersecurity activities, desired outcomes and applicable references that are common across critical infrastructure sectors. It consists of five concurrent and continuous Functions: Identify, Protect, Detect, Respond and Recover.
  2. Implementation Tiers
    Implementation tiers describe the degree to which an organization’s cybersecurity risk management practices exhibit the characteristics defined in the Framework, over a range from Partial (Tier 1) to Adaptive (Tier 4).
  3. Framework Profile

A framework profile represents the Core Functions’ Categories and Subcategories prioritized by an organization based on business needs and can be used to measure the organization’s progress toward the Target Profile.

How you can Comply with the NIST Cybersecurity Framework (1)

The 5 Core Functions
When considered together, the 5 Core Functions provide a strategic view of the lifecycle of an organization’s cybersecurity risk management and should be treated as a key reference point. Here are the 5 Functions and how to comply with them:

  1. Identify
    Organizations must develop an understanding of their environment to manage cybersecurity risk to systems, assets, data and capabilities. To comply with this Function, it is essential to have full visibility into your digital and physical assets, their interconnections, and defined roles and responsibilities, as well as to understand your current risks and exposure and put policies and procedures into place to manage those risks.
  2. Protect
    Organizations must develop and implement the appropriate safeguards to limit or contain the impact of a potential cybersecurity event. To comply, your organization must control access to digital and physical assets, provide awareness education and training, put processes into place to secure data, maintain baselines of network configuration and operations to repair system components in a timely manner and deploy protective technology to ensure cyber resilience.
  3. Detect
    Organizations must implement the appropriate measures to quickly identify cybersecurity events. The adoption of continuous monitoring solutions that detect anomalous activity and other threats to operational continuity is required to comply with this Function. Your organization must have visibility into its networks to anticipate a cyber incident and have all information at hand to respond to one. Continuous monitoring and threat hunting are very effective ways to analyze and prevent cyber incidents in ICS networks.
  4. Respond
    Should a cyber incident occur, organizations must have the ability to contain the impact. To comply, your organization must craft a response plan, define communication lines among the appropriate parties, collect and analyze information about the event, perform all required activities to eradicate the incident and incorporate lessons learned into revised response strategies.
  5. Recover
    Organizations must develop and implement effective activities to restore any capabilities or services that were impaired due to a cybersecurity event. Your organization must have a recovery plan in place, be able to coordinate restoration activities with external parties and incorporate lessons learned into your updated recovery strategy. Defining a prioritized list of action points which can be used to undertake recovery activity is critical for a timely recovery.

Implementing the NIST Cybersecurity Framework can help your organization become more focused on protecting its critical assets. There are many tools that can simplify compliance with this Framework. To learn more about our solution and how it facilitates adoption of the Framework, download our eBook below.

How you can Comply with the NIST Cybersecurity Framework (2024)
Top Articles
Why I bought life insurance before contributing a penny to my 401(k)
iFindLifeInsurance Shop & Compare Life Insurance
Chs.mywork
Frederick County Craigslist
Sound Of Freedom Showtimes Near Governor's Crossing Stadium 14
Craftsman M230 Lawn Mower Oil Change
Access-A-Ride – ACCESS NYC
Repentance (2 Corinthians 7:10) – West Palm Beach church of Christ
Ghosted Imdb Parents Guide
12 Rue Gotlib 21St Arrondissem*nt
The Daily News Leader from Staunton, Virginia
Cad Calls Meriden Ct
Get train & bus departures - Android
Hk Jockey Club Result
Watch Mashle 2nd Season Anime Free on Gogoanime
Moe Gangat Age
Shariraye Update
2021 Lexus IS for sale - Richardson, TX - craigslist
Cool Math Games Bucketball
N2O4 Lewis Structure & Characteristics (13 Complete Facts)
Cyndaquil Gen 4 Learnset
The best TV and film to watch this week - A Very Royal Scandal to Tulsa King
TBM 910 | Turboprop Aircraft - DAHER TBM 960, TBM 910
Nhl Tankathon Mock Draft
Accident On 215
Where to eat: the 50 best restaurants in Freiburg im Breisgau
Highmark Wholecare Otc Store
Best Sports Bars In Schaumburg Il
Netwerk van %naam%, analyse van %nb_relaties% relaties
Relaxed Sneak Animations
Mynahealthcare Login
12657 Uline Way Kenosha Wi
Obsidian Guard's Skullsplitter
Basil Martusevich
Persona 4 Golden Taotie Fusion Calculator
Glossytightsglamour
Craigslist West Seneca
Closest 24 Hour Walmart
Terrier Hockey Blog
Toth Boer Goats
9 oplossingen voor het laptoptouchpad dat niet werkt in Windows - TWCB (NL)
Armageddon Time Showtimes Near Cmx Daytona 12
The power of the NFL, its data, and the shift to CTV
Yakini Q Sj Photos
Menu Forest Lake – The Grillium Restaurant
Sherwin Source Intranet
Marcel Boom X
Union Supply Direct Wisconsin
Blog Pch
Great Clips Virginia Center Commons
Free Carnival-themed Google Slides & PowerPoint templates
Unbiased Thrive Cat Food Review In 2024 - Cats.com
Latest Posts
A financial advisor shares 4 expenses you can cut right now to save money as the pandemic rages on
What Are Your Biggest Questions About Life Insurance? (We Answered Nine) | Cup of Jo
Article information

Author: Maia Crooks Jr

Last Updated:

Views: 6420

Rating: 4.2 / 5 (43 voted)

Reviews: 90% of readers found this page helpful

Author information

Name: Maia Crooks Jr

Birthday: 1997-09-21

Address: 93119 Joseph Street, Peggyfurt, NC 11582

Phone: +2983088926881

Job: Principal Design Liaison

Hobby: Web surfing, Skiing, role-playing games, Sketching, Polo, Sewing, Genealogy

Introduction: My name is Maia Crooks Jr, I am a homely, joyous, shiny, successful, hilarious, thoughtful, joyous person who loves writing and wants to share my knowledge and understanding with you.