NIST Cybersecurity Framework
What is NIST Cyber Security Framework?
The NIST Cybersecurity Framework is designed for individual businesses and other organizations to use to assess risks they face.
The framework is divided into three parts, “Core”, “Profile” and “Tiers”.
The “Framework Core” – contains an array of activities, outcomes and references about aspects and approaches to cybersecurity.
The “Framework Implementation Tiers” – are used by an organization to clarify for itself and its partners how it views cybersecurity risk and the degree of sophistication of its management approach.
A “Framework Profile” is a list of outcomes that an organization has chosen from the categories and subcategories, based on its needs and risk assessments.
Who Does It Apply To?
While the primary stakeholders of the Framework are U.S. private-sector owners and operators of critical infrastructure, its user base has grown to include communities and organizations across the globe.
Scope of Regulation
It covers entire organization and their data, processes etc. The Framework Core consists of five concurrent and continuous Functions