Skip to content
Home / Function (NIST CSF 2.0) / PR - Protect

IR – Infrastructure

NIST CSF Sub-Category PR.IR
In cybersecurity for infrastructure, normative documents are essential for ensuring that physical and digital systems—such as networks, servers, cloud environments, and industrial control systems—are designed, deployed, and maintained securely. Standards like ISO/IEC 27001 and ISO/IEC 27019 (for energy sector control systems) provide frameworks for securing IT and operational technology (OT) infrastructure, while NIST SP 800-82 offers guidance for industrial control system security. Regulatory bodies and agencies such as CISA in the U.S., ENISA in Europe, and national cybersecurity centers issue requirements, alerts, and best practices for infrastructure protection. By adhering to these normative documents, organizations can implement robust security controls, reduce exposure to attacks, and demonstrate compliance with laws and industry regulations, ensuring the resilience of critical infrastructure.

CSA Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration

The Cloud Security Alliance’s (CSA) Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™) is an emerging, cloud-centric threat matrix designed to address the unique and rapidly evolving security risks in cloud… Read More »CSA Cloud Adversarial Vectors, Exploits, and Threats (CAVEaT™): An Emerging Threat Matrix for Industry Collaboration