Skip to content
Home

Function (NIST CSF 2.0)

The NIST Cybersecurity Framework (CSF) 2.0 organizes cybersecurity activities into six high-level functions that guide organizations in managing and reducing cyber risk. Govern provides strategic oversight, policies, and accountability structures to integrate cybersecurity into organizational decision-making. Identify focuses on understanding assets, business environment, and risk landscape to prioritize protective efforts. Protect involves implementing safeguards such as access controls, encryption, and secure configurations to prevent or limit the impact of cyber events. Detect emphasizes timely discovery of anomalies and potential incidents through monitoring and threat intelligence. Respond outlines processes for containing, mitigating, and communicating during incidents to minimize damage. Finally, Recover addresses restoring capabilities and services after an event to maintain business continuity. Together, these six functions provide a comprehensive, flexible, and risk-based approach to cybersecurity management.

CISA Principles for the Secure Integration of Artificial Intelligence in Operational Technology

The CISA Principles for the Secure Integration of Artificial Intelligence in Operational Technology provide a comprehensive framework to help critical infrastructure owners and operators securely integrate AI into their OT… Read More »CISA Principles for the Secure Integration of Artificial Intelligence in Operational Technology

CISA Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators

The CISA guidance titled “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators” provides operational technology (OT) owners and operators across critical infrastructure sectors with practical, step-by-step recommendations… Read More »CISA Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators

CISA Primary Mitigations to Reduce Cyber Threats to Operational Technology

The CISA “Primary Mitigations to Reduce Cyber Threats to Operational Technology” fact sheet outlines five core strategies for critical infrastructure operators to strengthen the cybersecurity of their operational technology (OT)… Read More »CISA Primary Mitigations to Reduce Cyber Threats to Operational Technology