NIST CSF - National Institute of Standards Cybersecurity Framework


NIST CSF is a policy framework developed by the US National Institute of Standards and Technology in 2014. The framework was introduced to help companies manage and mitigate their cybersecurity risks. The framework is divided into five sections:

1) Identify (ID) - Develop the organizational understanding to manage cybersecurity risk to systems, assets, data and capabilities

2) Protect (PR) - Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services.

3) Detect (DE) - Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.

4) Respond (RS) - Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.

5) Recover (RC) - Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.