NIST CSF: NIST CSF core functions

Introduction

The National Institute of Standards and Technology (NIST)’s Cybersecurity Security Framework (CSF) Core consists of five functions. They include:

  1. Identify
  2. Protect
  3. Detect
  4. Respond
  5. Recover

These functions are the highest level of abstraction incorporated in the NIST CSF core functions and act as the backbone of all other elements organized around them.

The core functions contain a list of categories, subcategories and informative references that defines specific cybersecurity activities prevalent across all the critical infrastructure sectors. They aren’t intended to form a serial path to a static desired end-state; instead, the core functions should be performed continuously and concurrently to form an operational culture that deals with dynamic cybersecurity risks. 

Informative references are broader and more technical than the NIST CSF itself. Examples of these references include ISO, ISA and COBIT.

In addition to their continuous, concurrent and chronological nature, core functions should also be considered as a set of principles to be balanced in parallel. When it comes to the management of IT risks and risk-based decisions, the role of core functions is always crucial. In a nutshell, core functions act as five key pillars for result-oriented and holistic cybersecurity of any organization.

In this article, we will shed a light on a brief but comprehensive overview of all NIST CSF core functions.

Identify

Since cybersecurity risks are continuous and evolving at a rapid pace, the security of your information systems, assets, data, people and capabilities is indispensable. To accomplish this goal, Identify as a first function of the NIST CSF core functions plays its crucial role by assisting organizations with developing an understanding in order to manage cybersecurity risk to their critical infrastructure.

Once you have identified risk, you can effectively prioritize and conduct the accurate risk assessment in the light of such risk and available resources.

(Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Fakhar Imam. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/XkkciCibemg/