NIST Cybersecurity Framework (CSF)
What is the NIST Cybersecurity Framework?
The Framework for Improving Critical Infrastructure Cybersecurity, more commonly referred to as simply the Cybersecurity Framework (CSF), was originally published by the National Institute for Standards and Technology (NIST) in February 2014. This framework was published in response to Executive Order 13636, Improving Critical Infrastructure Cybersecurity. The NIST CSF is an evolving framework developed to improve cybersecurity risk management in critical infrastructure. While the framework itself is not mandatory, there is increasing pressure from regulating agencies for critical infrastructure operators to improve cybersecurity and NIST CSF acts as a guide for doing so.
Who is the intended audience?
While NIST CSF was originally developed to improve cybersecurity risk management in critical infrastructure, it can be leveraged by organizations of any size across any industry.
Where can I find more information?
The following resources can be found on the National Institute for Standards and Technology website:
- Cybersecurity Framework v1.1
- Cybersecurity Framework v1.1 Frequently Asked Questions
- Journey to CSF 2.0
How can runZero help me with these controls?
You can find the latest information on how runZero can help with NIST CSF at the following page.