Skip to content
Home / Function (NIST CSF 2.0) / RS - Respond / MA - Incident Mgt

NIST SP 800-61 Rev. 3 Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile

This document focuses on:
NIST SP 800-61 Revision 3, titled Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile, provides updated guidance to help organizations integrate incident response into their overall cybersecurity risk management, as structured by the NIST Cybersecurity Framework (CSF) 2.0. This revision introduces a new incident response life cycle model that aligns with all six CSF 2.0 Functions—Govern, Identify, Protect, Detect, Respond, and Recover—emphasizing that incident response is not isolated but interconnected with broader risk management activities. The document offers practical recommendations, such as incorporating lessons learned from past incidents, evaluating and improving incident response programs, managing supply chain risks, and establishing clear processes for vulnerability disclosure and risk response. By embedding incident response within the entire cybersecurity lifecycle, organizations can better prepare for, detect, respond to, and recover from incidents, while continuously improving their resilience against evolving cyber threats.

Publication's URL

https://csrc.nist.gov/pubs/sp/800/61/r3/final

Additional documents on this topic



How would you rate this document ?

Click on a star to rate it!

What do you think of this document?

Your email address will not be published. Required fields are marked *