Summary:
The NIST Cybersecurity Framework provides guidelines and best practices for organizations to manage and reduce cybersecurity risk. It is structured around five core functions that offer a high-level, strategic view of the lifecycle of an organization's management of cybersecurity risk. These functions are Identify, Protect, Detect, Respond, and Recover.
- Identify: This function is foundational. It involves developing an understanding of the organization's business context, the resources that support critical functions, and the related cybersecurity risks. This means identifying physical and software assets and understanding the organization's business environment, governance policies, and risk management strategies.
- Protect: The Protect function outlines appropriate safeguards to ensure delivery of critical infrastructure services. Protection involves implementing controls to limit or contain the impact of a potential cybersecurity event. This includes access control, data security, maintenance, and protective technology that help defend against cyber threats.
- Detect: The Detect function involves the development and implementation of appropriate activities to identify the occurrence of a cybersecurity event. This includes continuous monitoring, anomaly and event detection, and assessment of the severity of incidents as they occur. Timely discovery of security breaches is crucial to effective response and recovery operations.
- Respond: Once a cybersecurity incident has been detected, the Respond function covers the appropriate activities for acting on it. This function helps to limit the impact of an incident, with activities like response planning, communications, analysis, mitigation, and improvements to be prepared for future incidents.
- Recover: The final function, Recover, involves maintaining plans for resilience and restoring any capabilities or services that were impaired due to a cybersecurity event. The recovery plan includes communications, repairs, and actions to return to normal operations and reduce the risk of future incidents.
Together, these five functions provide a strategic view of the lifecycle of managing cybersecurity risk. The NIST Cybersecurity Framework is designed to be flexible and customizable for a broad range of sectors and organizations of all sizes, and it aims to help organizations manage and reduce their cybersecurity risk while fostering risk management communications amongst both internal and external organizational stakeholders.