Skip to content
Home

Function (NIST CSF 2.0)

The NIST Cybersecurity Framework (CSF) 2.0 organizes cybersecurity activities into six high-level functions that guide organizations in managing and reducing cyber risk. Govern provides strategic oversight, policies, and accountability structures to integrate cybersecurity into organizational decision-making. Identify focuses on understanding assets, business environment, and risk landscape to prioritize protective efforts. Protect involves implementing safeguards such as access controls, encryption, and secure configurations to prevent or limit the impact of cyber events. Detect emphasizes timely discovery of anomalies and potential incidents through monitoring and threat intelligence. Respond outlines processes for containing, mitigating, and communicating during incidents to minimize damage. Finally, Recover addresses restoring capabilities and services after an event to maintain business continuity. Together, these six functions provide a comprehensive, flexible, and risk-based approach to cybersecurity management.

NIST IR 8286 Integrating Cybersecurity and Enterprise Risk Management (ERM)

NIST IR 8286 Rev. 1, Integrating Cybersecurity and Enterprise Risk Management (ERM), provides a strategic framework for bridging the gap between technical security operations and high-level business decision-making. It emphasizes… Read More »NIST IR 8286 Integrating Cybersecurity and Enterprise Risk Management (ERM)

NIST IR 8286A Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management

NIST IR 8286A Rev. 1, Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management, serves as a specialized companion to the main framework by providing deep-dive methodologies for the initial… Read More »NIST IR 8286A Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management

CIS Controls Internet of Things Companion Guide

The CIS Controls Internet of Things (IoT) Companion Guide provides detailed guidance on how to apply the cybersecurity best practices of the CIS Controls, particularly Version 8.1, to IoT environments.… Read More »CIS Controls Internet of Things Companion Guide

CISA Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators

The CISA guidance titled “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators” provides operational technology (OT) owners and operators across critical infrastructure sectors with practical, step-by-step recommendations… Read More »CISA Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators