Skip to content
Home

Function (NIST CSF 2.0)

The NIST Cybersecurity Framework (CSF) 2.0 organizes cybersecurity activities into six high-level functions that guide organizations in managing and reducing cyber risk. Govern provides strategic oversight, policies, and accountability structures to integrate cybersecurity into organizational decision-making. Identify focuses on understanding assets, business environment, and risk landscape to prioritize protective efforts. Protect involves implementing safeguards such as access controls, encryption, and secure configurations to prevent or limit the impact of cyber events. Detect emphasizes timely discovery of anomalies and potential incidents through monitoring and threat intelligence. Respond outlines processes for containing, mitigating, and communicating during incidents to minimize damage. Finally, Recover addresses restoring capabilities and services after an event to maintain business continuity. Together, these six functions provide a comprehensive, flexible, and risk-based approach to cybersecurity management.

CIS Controls Internet of Things Companion Guide

The CIS Controls Internet of Things (IoT) Companion Guide provides detailed guidance on how to apply the cybersecurity best practices of the CIS Controls, particularly Version 8.1, to IoT environments.… Read More »CIS Controls Internet of Things Companion Guide

NIST IR 8374 Rev. 1 Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile

The “Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile” is a NIST publication that provides organizations with a practical guide to managing ransomware risks using the updated NIST Cybersecurity… Read More »NIST IR 8374 Rev. 1 Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile

ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection — Information security controls

The latest version of ISO/IEC 27002 was published on February 15, 2022. This 2022 revision replaced the previous 2013 edition and introduced significant changes including a reduction in the number… Read More »ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection — Information security controls

NIST SP 800-53 Rev. 5 Security and Privacy Controls for Information Systems and Organizations

NIST Special Publication 800-53 (NIST SP 800-53) provides a comprehensive catalog of security and privacy controls designed to protect federal information systems and organizations from a wide range of risks. The… Read More »NIST SP 800-53 Rev. 5 Security and Privacy Controls for Information Systems and Organizations