CyberSecurity Functions and Categories

The NIST CyberSecurity Framework includes a breakdown of key cybersecurity functions and categories. These critical cybersecurity functions and categories are defined in the Framework Core, providing a common point of reference for measuring and analyzing an organization’s risk management posture against the best practices defined within a specific cybersecurity standard (e.g. NIST 800-171) or industry guideline (e.g. Manufacturing Profile).

Core functions defined in the NIST CyberSecurity Framework describe the high-level, strategic view of an organization’s approach to cybersecurity management. Core categories (and subcategories) break each function into manageable components that are more easily aligned with the metrics used to assess the organization’s cybersecurity risk management efforts. Taken together, this standardized alignment of cybersecurity functions and categories establishes a consistent benchmark for measuring progress from the current (As Is) situation to the desired (To Be) objective.

Five key functions are included in the NIST CyberSecurity Framework:

  • Identify: The activities in the Identify function define the resources that support critical business functions and help focus/prioritize the organization’s risk management strategy.
  • Protect: Activities defined in the Protect function support an organization’s ability to limit or contain the impact of a potential cybersecurity event.
  • Detect: Activities in the Detect function enable timely discovery of common cybersecurity events and anomalies, facilitating implementation of an effective response.
  • Respond: Activities in the Respond function prepare the organization for rapid, effective action after a cybersecurity event has occurred.
  • Recover: Activities in the Recover function support timely recovery to normal operations.

CyberSecurity Functions and Categories Define Benchmarking/Improvement Activities

CyberSecurity functions and categories structure the activities defined by an organization as critical to its risk mitigation and response efforts. Categories and subcategories are tailored to the specific requirements of each organization. The table below provides an example of a typical function/category breakdown:

CyberSecurity Functions and Categories

The following links provide additional background information:


NIST CyberSecurity Framework

NIST CyberSecurity Framework (CSF)

The NIST CyberSecurity Framework (CSF) is a voluntary set of standards, best practices and recommendations developed by the U.S. Commerce Department’s National Institute of Standards and Technology (NIST). The purpose of the framework is to help both government and private sector organizations improve their security posture by formalizing the documentation and management of cybersecurity risks.

The latest version of the framework (v1.1), released on April 16, 2018, better explains how the NIST CyberSecurity Framework can be used within an organization to understand and assess cybersecurity risks. It also clarifies that the framework itself IS NOT a certification standard, but is rather intended to be paired with other frameworks and/or certification standards (such as NIST 800-171) to achieve desired outcomes.

The NIST CyberSecurity Framework includes three primary components:

  • Core: The Framework Core defines/outlines core principles, activities and outcomes.
  • Implementation tiers: Implementation tiers position the framework within an organization’s overall risk management strategy.
  • Profiles: Framework profiles describe specific implementation scenarios.

Taken together, the components of the NIST CyberSecurity Framework provide a flexible, cost-effective starting point for cybersecurity risk awareness, analysis and improvement initiatives. They also serve as a common starting point for achieving compliance with specific cybersecurity standards (such as NIST 800-171) within an organization, or across an organization’s entire supply chain (Supply Chain Risk Management). Visit the CyberSecurity Services section of our website for more information about the NIST CyberSecurity Framework and our NIST 800-171 Compliance Program.