# NIST Core Components

  • Govern (GV): Elevates cybersecurity from an IT concern to a business imperative, linking it to financial and legal risk.
    • Organizational Context (OC): Defining the organization’s mission, stakeholders, and legal requirements.
    • Risk Management Strategy (RM): Establishing the overall cyber risk appetite and strategy.
    • Roles & Responsibilities (RR): Clarifying who does what in cybersecurity.
    • Policy (PO): Developing and enforcing cybersecurity policies.
    • Oversight (OV): Monitoring and ensuring compliance with policies.
    • Cybersecurity Supply Chain Risk Management (C-SCRM) (SC): Managing risks from third-party vendors.
  • Identify (ID): Current assets and cybersecurity risks are identified and understood.
    • Asset Management (AM): Identify all assets and their importance to the organization, including but not limited to data, software, hardware, and people.
    • Risk Assessment (RA): Cybersecurity risks to the organization, its assets, and individuals are identified and understood.
    • Improvement (IM): Improvements to organizational cybersecurity risk management processes, procedures, and activities are identified across all CSF functions.
  • Protect (PR): Safeguards are implemented to manage cybersecurity risks.
    • Identity Management, Authentication and Access Control (AA): Access to physical and logical assets is controlled and limited to authorized assets.
    • Awareness Training (AT): Provide personnel with the cybersecurity awareness and training they need to understand the policies and perform their cybersecurity-related tasks.
    • Data Security (DS): The confidentiality, integrity, and availability (CIA) of data in all forms, at rest, in transit, and in use, is protected. Backups are created, protected, maintained, and tested.
    • Platform Security (PS): Protect the CIA of hardware, software, and services.
    • Technology Infrastructure Resilience (IR): Protect organizational resilience by managing the security architecture.
  • Detect (DE): Provide the ability to find and analyze possible cyberattacks and compromises.
    • Continuous Monitoring (CM): Ensure assets are monitored to find anomalies, indicators of compromise, and other potentially adverse events.
    • Adverse Event Analysis (AE): Threat intelligence from several sources is used to characterize events and detect cybersecurity incidents.
  • Respond (RS): Actions are taken regarding a detected cybersecurity incident.
    • Incident Management (MA): Responses to detected cybersecurity incidents are managed.
    • Incident Analysis (AN): Investigations are conducted to ensure an effective response and to support forensics and recovery activities.
    • Incident Response Reporting and Communication (CO): Response activities are coordinated with internal and external stakeholders as required by laws, regulations, and/or policies.
    • Incident Mitigation (MI): Incidents are contained and eradicated.
  • Recover (RC): Assets and operations affected by a cybersecurity incident are restored.
    • Incident Recovery Plan Execution (RP): Perform the restoration activities.
    • Incident Recovery Communication (CO): Restoration activities are coordinated with internal and external parties.