Skip to content
    Home / Function (NIST CSF 2.0)

    Function (NIST CSF 2.0)

    The NIST Cybersecurity Framework (CSF) 2.0 organizes cybersecurity activities into six high-level functions that guide organizations in managing and reducing cyber risk. Govern provides strategic oversight, policies, and accountability structures to integrate cybersecurity into organizational decision-making. Identify focuses on understanding assets, business environment, and risk landscape to prioritize protective efforts. Protect involves implementing safeguards such as access controls, encryption, and secure configurations to prevent or limit the impact of cyber events. Detect emphasizes timely discovery of anomalies and potential incidents through monitoring and threat intelligence. Respond outlines processes for containing, mitigating, and communicating during incidents to minimize damage. Finally, Recover addresses restoring capabilities and services after an event to maintain business continuity. Together, these six functions provide a comprehensive, flexible, and risk-based approach to cybersecurity management.

    NIST SP 800-61 Rev. 3 Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile

    NIST SP 800-61 Revision 3, titled Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile, provides updated guidance to help organizations integrate incident response into their… Read More »NIST SP 800-61 Rev. 3 Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile

    NIST IR 8286C Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight

    NIST IR 8286C Rev. 1, Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight, completes the risk management cycle by detailing how prioritized risks are formally communicated and acted… Read More »NIST IR 8286C Staging Cybersecurity Risks for Enterprise Risk Management and Governance Oversight