Skip to content
Home

Function (NIST CSF 2.0)

The NIST Cybersecurity Framework (CSF) 2.0 organizes cybersecurity activities into six high-level functions that guide organizations in managing and reducing cyber risk. Govern provides strategic oversight, policies, and accountability structures to integrate cybersecurity into organizational decision-making. Identify focuses on understanding assets, business environment, and risk landscape to prioritize protective efforts. Protect involves implementing safeguards such as access controls, encryption, and secure configurations to prevent or limit the impact of cyber events. Detect emphasizes timely discovery of anomalies and potential incidents through monitoring and threat intelligence. Respond outlines processes for containing, mitigating, and communicating during incidents to minimize damage. Finally, Recover addresses restoring capabilities and services after an event to maintain business continuity. Together, these six functions provide a comprehensive, flexible, and risk-based approach to cybersecurity management.

Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (Final Rule; Release No. 33-11216)

This regulation requires public companies to enhance and standardize their disclosures regarding cybersecurity to provide investors with more consistent and decision-useful information. It mandates two primary types of reporting: the… Read More »Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (Final Rule; Release No. 33-11216)

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) establishes a comprehensive cybersecurity framework designed to protect electronic protected health information (ePHI) within healthcare organizations. Central to HIPAA’s cybersecurity… Read More »Health Insurance Portability and Accountability Act of 1996 (HIPAA)