NIST Cybersecurity Framework
What is the NIST Cybersecurity Framework?
The NIST Cybersecurity Framework (CSF) is voluntary guidance, published by the U.S. National Institute of Standards and Technology, that individual businesses and other organizations can use to understand, assess and reduce the cybersecurity risks they face.
The framework is divided into three parts: the Framework Core, the Framework Implementation Tiers and Framework Profiles.
- The Framework Core contains an array of activities, outcomes and informative references covering the main aspects of and approaches to cybersecurity, organized into Functions, Categories and Subcategories.
- The Framework Implementation Tiers (Tier 1 Partial through Tier 4 Adaptive) are used by an organization to clarify for itself and its partners how it views cybersecurity risk and the degree of rigor and sophistication of its risk management approach. NIST is explicit that Tiers do not necessarily represent maturity levels, so a higher Tier is not automatically the right target for every organization.
- A Framework Profile is the set of outcomes that an organization has chosen from the Categories and Subcategories, based on its business needs and risk assessments. Comparing a Current Profile (what is done today) with a Target Profile (what should be done) produces the gap list that drives the improvement plan.
Who Does It Apply To?
While the primary stakeholders of the Framework are U.S. private-sector owners and operators of critical infrastructure, its user base has grown to include communities and organizations across the globe.
Scope
The Framework is not itself a regulation; it is voluntary guidance that some regulators and contracts reference. It is meant to cover the entire organization, including its data, people, processes and systems. The Framework Core in version 1.1 consists of five concurrent and continuous Functions (CSF 2.0, published in 2024, adds a sixth, Govern):
- Identify
- Protect
- Detect
- Respond
- Recover
When considered together, these Functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk.
Core Requirements
Each Function breaks down into Categories and Subcategories; the statements below are the outcomes of one representative Category for each Function (for example Asset Management under Identify), not a complete definition of the Function.
Identify
The data, personnel, devices, systems and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to business objectives and the organization's risk strategy.
Protect
Access to assets and associated facilities is limited to authorized users, processes or devices, and to authorized activities and transactions, and data is protected from unauthorized access and modification.
Detect
The information system and assets are monitored to identify cybersecurity events and to verify the effectiveness of protective measures; because the goal is timely discovery, this should be continuous monitoring rather than a periodic check.
Respond
Response processes and procedures are executed and maintained to ensure a timely response to detected cybersecurity events.
Recover
Recovery processes and procedures are executed and maintained to ensure timely restoration of systems or assets affected by cybersecurity events.