Understanding the NIST Cybersecurity Framework

NIST Cybersecurity Framework 2.0

What exactly is it?

NIST is the National Institute of Standards and Technology at the U.S. Department of Commerce. The NIST Cybersecurity Framework helps businesses of all sizes better understand, manage, and reduce their cybersecurity risk and protect their networks and data. The Framework is voluntary. It gives your business an outline of best practices to help you decide where to focus your time and money for cybersecurity protection.

You can apply the NIST Cybersecurity Framework to your business in these six areas: Govern, Identify, Protect, Detect, Respond, and Recover. 

1. Govern: Establish and monitor the organization's cybersecurity risk management strategy, expectations, and policy
2. Identify: Help determine the current cybersecurity risk to the organization
3. Protect: Use safeguards to prevent or reduce cybersecurity risk
4. Detect: Find and analyze possible cybersecurity attacks and compromises
5. Respond: Take action regarding a detected cybersecurity incident
6. Recover: Restore assets and operations that were impacted by a cybersecurity incident

This discussion draft features implementation examples at each of the six areas of mitigation.

Please complete the form below to access the Framework.