Skip to content
    Home / Function (NIST CSF 2.0)

    Function (NIST CSF 2.0)

    The NIST Cybersecurity Framework (CSF) 2.0 organizes cybersecurity activities into six high-level functions that guide organizations in managing and reducing cyber risk. Govern provides strategic oversight, policies, and accountability structures to integrate cybersecurity into organizational decision-making. Identify focuses on understanding assets, business environment, and risk landscape to prioritize protective efforts. Protect involves implementing safeguards such as access controls, encryption, and secure configurations to prevent or limit the impact of cyber events. Detect emphasizes timely discovery of anomalies and potential incidents through monitoring and threat intelligence. Respond outlines processes for containing, mitigating, and communicating during incidents to minimize damage. Finally, Recover addresses restoring capabilities and services after an event to maintain business continuity. Together, these six functions provide a comprehensive, flexible, and risk-based approach to cybersecurity management.

    NIST IR 8286D Using Business Impact Analysis to Inform Risk Prioritization and Response

    NIST IR 8286D, Using Business Impact Analysis to Inform Risk Prioritization and Response, bridges the gap between traditional Business Impact Analysis (BIA) and modern cybersecurity risk management. It provides a… Read More »NIST IR 8286D Using Business Impact Analysis to Inform Risk Prioritization and Response

    NIST IR 8374 Rev. 1 Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile

    The “Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile” is a NIST publication that provides organizations with a practical guide to managing ransomware risks using the updated NIST Cybersecurity… Read More »NIST IR 8374 Rev. 1 Ransomware Risk Management: A Cybersecurity Framework 2.0 Community Profile

    COMPLIANCE FORGE Secure Controls Framework (SCF) Control Mapping

    The ComplianceForge Secure Controls Framework (SCF) Control Mapping is a comprehensive resource designed to help organizations efficiently align their cybersecurity and privacy controls with multiple regulatory, statutory, and contractual requirements.… Read More »COMPLIANCE FORGE Secure Controls Framework (SCF) Control Mapping

    NIST SP 800-55 Vol. 2 Measurement Guide for Information Security: Volume 2 — Developing an Information Security Measurement Program

    The NIST Special Publication 800-55, Volume 2, titled “Measurement Guide for Information Security,” provides a flexible methodology and workflow for developing an information security measurement program. It is designed to… Read More »NIST SP 800-55 Vol. 2 Measurement Guide for Information Security: Volume 2 — Developing an Information Security Measurement Program

    NIST SP 800-55 Vol. 1 Measurement Guide for Information Security: Volume 1 — Identifying and Selecting Measures

    NIST Special Publication 800-55 Volume 1, titled “Measurement Guide for Information Security,” provides a flexible and comprehensive approach for developing, selecting, and prioritizing information security measures at the organizational, mission/business,… Read More »NIST SP 800-55 Vol. 1 Measurement Guide for Information Security: Volume 1 — Identifying and Selecting Measures