Skip to content
Home / Function (NIST CSF 2.0)

Function (NIST CSF 2.0)

The NIST Cybersecurity Framework (CSF) 2.0 organizes cybersecurity activities into six high-level functions that guide organizations in managing and reducing cyber risk. Govern provides strategic oversight, policies, and accountability structures to integrate cybersecurity into organizational decision-making. Identify focuses on understanding assets, business environment, and risk landscape to prioritize protective efforts. Protect involves implementing safeguards such as access controls, encryption, and secure configurations to prevent or limit the impact of cyber events. Detect emphasizes timely discovery of anomalies and potential incidents through monitoring and threat intelligence. Respond outlines processes for containing, mitigating, and communicating during incidents to minimize damage. Finally, Recover addresses restoring capabilities and services after an event to maintain business continuity. Together, these six functions provide a comprehensive, flexible, and risk-based approach to cybersecurity management.

NIST SP 800-172 Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171

NIST SP 800-172 is a supplementary publication to NIST SP 800-171 that provides 35 enhanced security requirements designed to protect controlled unclassified information (CUI) on non-federal systems, especially when related… Read More »NIST SP 800-172 Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST Special Publication 800-171

NIST SP 800-171 Rev. 3 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

NIST SP 800-171 is a set of cybersecurity standards developed by the National Institute of Standards and Technology (NIST) to protect Controlled Unclassified Information (CUI) in nonfederal systems and organizations.… Read More »NIST SP 800-171 Rev. 3 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

NIST SP 1800-28 Data Confidentiality: Identifying and Protecting Assets Against Data Breaches

NIST Special Publication 1800-28, titled “Data Confidentiality: Identifying and Protecting Assets Against Data Breaches,” provides a comprehensive guide to help organizations identify and protect their data assets from unauthorized access… Read More »NIST SP 1800-28 Data Confidentiality: Identifying and Protecting Assets Against Data Breaches

NIST SP 1800-29 Data Confidentiality: Detect, Respond to, and Recover from Data Breaches

NIST Special Publication 1800-29, “Data Confidentiality: Detect, Respond to, and Recover from Data Breaches,” provides organizations with practical guidance on managing data confidentiality risks by focusing on the latter three… Read More »NIST SP 1800-29 Data Confidentiality: Detect, Respond to, and Recover from Data Breaches

NIST SP 1800-26 Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events

NIST Special Publication 1800-26, titled “Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events,” provides a practical, standards-based reference guide to help organizations maintain the integrity and availability… Read More »NIST SP 1800-26 Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events