The National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity (NIST Cybersecurity Framework) organizes basic cybersecurity activities at their highest level. These highest levels are known as functions: Show
These help agencies manage cybersecurity risk by organizing information, enabling risk management decisions, addressing threats, and learning from previous activities. Categories are subdivisions of a function. They group cybersecurity outcomes closely tied to programmatic needs and particular activities. CSF product and service providersWe provide cybersecurity solutions related to these CSF functions through the following IT Security services and products:
The table below provides links to service providers who qualified to be part of the HACS SIN, and to CDM products approved by the Department of Homeland Security.
CSF functions and categories
IntroductionThe National Institute of Standards and Technology’s Cybersecurity Framework, or NIST CSF, was first published in 2014 to provide guidance for organizational cybersecurity defenses and risk management. This framework is renowned for its inherent flexibility and open-endedness to account for different organizational needs. At its center, NIST CSF comprises five core functions. This article will detail the second of these functions, Protect, and explore the Framework’s five core functions, what the Protect function is and the outcome categories and subcategory activities of this function. What is the NIST CSF framework core?The framework core is a set of recommended activities designed to achieve certain cybersecurity outcomes and serves as guidance, not intended to serve as a checklist. The core is composed of five functions that work together to achieve the outcomes mentioned above. These elements are:
What is the Protect function?NIST defines the purpose of the Protect function as “(to) develop and implement appropriate safeguards to ensure delivery of critical services.” Just as many experts have made the analogy that the previous function, Identify, was the foundation of the CSF core framework functions, the Protect function can be thought of as framing the rest of the functions yet to come. Outcome categories and subcategory activitiesEach Framework function is composed of outcome categories that describe the kinds of processes and tasks organizations should carry out for that Framework level. The Protect function contains six outcome categories, each of which in turn contains subcategory activities. Identity Management, Authentication and Access ControlThis category is defined as “access to physical and logical assets and associated facilities is limited to authorized users, processes, and devices, and is managed consistent with the assessed risk of unauthorized access to authorized activities and transactions.” Subcategory activities
Awareness and TrainingNIST defines this category as “the organization’s personnel and partners are provided cybersecurity awareness education and are trained to perform their cybersecurity-related duties and responsibilities consistent with related policies, procedures, and agreements.” Subcategory activities
Data SecurityNIST defines this category as “information and records (data) are managed consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information.” Subcategory activities
Information Protection Processes and ProceduresNIST defines this category as “security policies (that address purpose, scope, roles, responsibilities, management commitment, and coordination among organizational entities), processes, and procedures are maintained and used to manage protection of information systems and assets.” Subcategory activities
MaintenanceNIST defines this category as “maintenance and repairs of industrial control and information system components are performed consistent with policies and procedures.” Subcategory activities
Protective TechnologyNIST defines this category as “technical security solutions are managed to ensure the security and resilience of systems and assets, consistent with related policies, procedures, and agreements.” Subcategory activities
ConclusionThe Protect core framework function is the second function listed in the NIST CSF. This function serves as a frame for the remaining functions, similar to how the Identify function served as the foundation. By applying these outcome categories (and related subcategories) to your organization’s risk management posture, your organization will be well-positioned to execute the remaining functions of the NIST CSF. Sources
Which NIST Cybersecurity Framework core function is concerned with the development and implementation?NIST CSF: Detect
The Detect function requires the development and implementation of the appropriate activities to recognize the occurrence of a cybersecurity event. "The Detect function enables the timely discovery of cybersecurity events.
What are the core Functions of the NIST Framework?A Closer Look at the 5 Functions of NIST CSF. Identify. Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities. ... . Protect. Develop and implement appropriate safeguards to ensure delivery of critical services. ... . Detect. ... . Respond. ... . Recover.. Which function of the NIST Cybersecurity Framework calls for an organization to implement plans for resilience?Recover. The Framework's Recover function outlines steps organizations could take to develop, implement, and maintain plans for resilience and to restore capabilities or services that were impaired due to a cybersecurity event.
What is the purpose of the NIST CSF?The NIST Cybersecurity Framework (NIST CSF) provides guidance on how to manage and reduce IT infrastructure security risk. The CSF is made up of standards, guidelines and practices that can be used to prevent, detect and respond to cyberattacks.
|