NIST Cybersecurity Framework (CSF)

What is the NIST Cybersecurity Framework?

The Framework for Improving Critical Infrastructure Cybersecurity, more commonly referred to as simply the Cybersecurity Framework (CSF), was originally published by the National Institute for Standards and Technology (NIST) in February 2014. This framework was published in response to Executive Order 13636, Improving Critical Infrastructure Cybersecurity. The NIST CSF is an evolving framework developed to improve cybersecurity risk management in critical infrastructure. While the framework itself is not mandatory, there is increasing pressure from regulating agencies for critical infrastructure operators to improve cybersecurity and NIST CSF acts as a guide for doing so.

Who is the intended audience?

While NIST CSF was originally developed to improve cybersecurity risk management in critical infrastructure, it can be leveraged by organizations of any size across any industry.

Where can I find more information?

The following resources can be found on the National Institute for Standards and Technology website:

How can runZero help me with these controls?

The following illustrates how runZero aligns with NIST CSF v1.1. The framework is based on 5 core functions: Identify, Protect, Detect, Respond, and Recover. Within each function are categories of controls. Each category is further divided into subcategories or outcomes. Where Strong alignment is noted, runZero can play a significant role in helping an organization implement safeguards. Where Partial alignment is noted, runZero can play a complementary role in helping an organization implement safeguards.

ID Function Category Strong alignment Partial alignment
ID.AM Identify Asset Management
ID.BE Identify Business Environment
ID.GV Identify Governance
ID.RA Identify Risk Assessment
ID.RM Identify Risk Management Strategy
ID.SC Identify Supply Chain Risk Management
PR.AC Protect Identity Management, Authentication and Access Control
PR.AT Protect Awareness and Training
PR.DS Protect Data Security
PR.IP Protect Information Protection Processes and Procedures
PR.MA Protect Maintenance
PR.PT Protect Protective Technology
DE.AE Detect Anomalies and Events
DE.CM Detect Security Continuous Monitoring
DE.DP Detect Detection Processes
RS.RP Respond Response Planning
RS.CO Respond Communications
RS.AN Respond Analysis
RS.MI Respond Mitigation
RS.IM Respond Improvements
RC.RP Recover Recovery Planning
RC.IM Recover Improvements
RC.CO Recover Communications