The Cybersecurity Framework (CSF) was developed by the National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce.
This framework was created through collaboration between various private-sector and government experts to provide high-level taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes.
Despite being a voluntary framework, many organizations around the world and across various industries have leveraged the NIST CSF to make their infrastructures more cyber resilient. According to the 2019 SANS OT/ICS Cybersecurity Survey, the NIST CSF was the most widely adopted cybersecurity framework last year.
The framework contains five different functions (Identify, Protect, Detect, Respond, and Recover), outlining guidelines and best practices to help organizations better manage their cybersecurity risks by assessing and improving their abilities to prevent, detect, and respond to cybersecurity incidents.
These five functions are further separated into 22 categories and then divided into 98 subcategories. Aligning with all these categories is no easy task. However, aligning with the fundamental core functions of the NIST CSF is a great place to start and can help organizations significantly improve their cyber resilience.
To help organizations align with the core functions of the NIST CSF, we’ve drafted an e-book for you to learn more on what these core functions are and how AD360, a web-based identity and access management (IAM) solution, can help. You can download the e-book here.