As a gold-standard for cybersecurity and the foundation for many of the new standards and regulations starting to emerge today, the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework is more important than ever. Developed as a public and private sector collaboration led by NIST under a presidential executive order to improve critical infrastructure cybersecurity, the NIST Cybersecurity Framework soon scaled beyond energy and critical infrastructure – its outcomes-based approach allowed it to apply to almost any sector and any business size. The NIST Framework is built on three main pillars: the Framework Core, Profiles, and Implementation Tiers. Here, we’ll be diving into the Framework Core and the five functions within it: identify, protect, detect, respond, and recover.
NIST defines the framework core as “a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors . The Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across the organization from the executive level to the…
