Skip to content
Home / Function (NIST CSF 2.0)

Function (NIST CSF 2.0)

The NIST Cybersecurity Framework (CSF) 2.0 organizes cybersecurity activities into six high-level functions that guide organizations in managing and reducing cyber risk. Govern provides strategic oversight, policies, and accountability structures to integrate cybersecurity into organizational decision-making. Identify focuses on understanding assets, business environment, and risk landscape to prioritize protective efforts. Protect involves implementing safeguards such as access controls, encryption, and secure configurations to prevent or limit the impact of cyber events. Detect emphasizes timely discovery of anomalies and potential incidents through monitoring and threat intelligence. Respond outlines processes for containing, mitigating, and communicating during incidents to minimize damage. Finally, Recover addresses restoring capabilities and services after an event to maintain business continuity. Together, these six functions provide a comprehensive, flexible, and risk-based approach to cybersecurity management.

NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations

NIST SP 800-161 Rev. 1, titled “Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations,” offers comprehensive guidance for organizations to identify, assess, and mitigate cybersecurity risks across their… Read More »NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations

ANSSI Recommendations for Multi-Factor Authentication and Passwords

The ANSSI guide “Recommandations relatives à l’authentification multifacteur et aux mots de passe” provides comprehensive security recommendations focused on authentication methods. It strongly advocates for the use of multifactor authentication… Read More »ANSSI Recommendations for Multi-Factor Authentication and Passwords

NIST SP 1800-26 Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events

NIST Special Publication 1800-26, titled “Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events,” provides a practical, standards-based reference guide to help organizations maintain the integrity and availability… Read More »NIST SP 1800-26 Data Integrity: Detecting and Responding to Ransomware and Other Destructive Events

NIST SP 1800-11 Data Integrity: Recovering from Ransomware and Other Destructive Events

NIST Special Publication 1800-11, titled “Data Integrity: Recovering from Ransomware and Other Destructive Events,” is a cybersecurity practice guide that demonstrates how organizations can develop and implement strategies to quickly… Read More »NIST SP 1800-11 Data Integrity: Recovering from Ransomware and Other Destructive Events

NIST SP 800-53 Rev. 5 Security and Privacy Controls for Information Systems and Organizations

NIST Special Publication 800-53 (NIST SP 800-53) provides a comprehensive catalog of security and privacy controls designed to protect federal information systems and organizations from a wide range of risks. The… Read More »NIST SP 800-53 Rev. 5 Security and Privacy Controls for Information Systems and Organizations

NIST SP 1800-25 Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events

NIST SP 1800-25, titled “Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events,” provides practical guidance for organizations to identify, protect, and manage their critical assets against… Read More »NIST SP 1800-25 Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events