The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is a methodology that provides a structure for organizations to implement a security program and increase their overall security posture. The NIST CSF is broken down into 5 core functions:
Identify
Determine inventory, the criticality of each asset and what needs to be protected
Protect
Select and implement the appropriate mechanisms to secure your assets
Detect
Implement the necessary mechanisms to identify pertinent events and incidents
Respond
Develop the capabilities and techniques to respond to cybersecurity incidents
Recover
Implement appropriate mechanisms and processes to restore operations after an incident
These 5 functions are then broken down into 23 categories and further decomposed into 108 subcategory controls. The controls are outcome driven statements that organizations must implement processes and mechanisms for.
(Click to enlarge)
The GAI Cyber Team has provided input to the release of each version of the NIST CSF since version 1.0 in 2014. We have helped organizations in every industry sector build security programs from the ground up using the NIST CSF. Our team will help architect a new security program or improve upon an existing one while determining the optimal target maturity level your organization should pursue.
Contact a Cybersecurity Expert.
Are you ready to start your compliance journey? GAI Cyber is ready to assist with any of your compliance, cybersecurity, and privacy needs.
GAI Compliance Solutions.
Vulnerability Scanning
Identify. Investigate. Remediate.
