NIST Cybersecurity Framework
Introduction
The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is a voluntary, risk-based framework of standards, guidelines, and practices that organizations can use to assess and improve their ability to prevent, detect, and respond to cyber attacks. It was originally written for operators of US critical infrastructure (version 1.0 in 2014, version 1.1 in 2018) and is now widely used by organizations of all sizes and sectors, inside and outside the US. This page describes the version 1.1 structure; version 2.0, published in 2024, keeps the same building blocks but adds a sixth Function, Govern.
Core Functions
The Framework Core of version 1.1 is organized into five Functions, each broken down into Categories and Subcategories of outcomes that map to informative references such as ISO/IEC 27001 and NIST SP 800-53:
- Identify: Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.
- Protect: Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services.
- Detect: Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
- Respond: Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.
- Recover: Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.
Implementation Tiers
The framework defines four Implementation Tiers that describe how rigorously an organization's risk management practices exhibit the characteristics described in the framework. NIST states explicitly that the Tiers are not maturity levels and that moving to a higher Tier is encouraged only when doing so reduces risk cost-effectively:
- Tier 1: Partial
- Tier 2: Risk Informed
- Tier 3: Repeatable
- Tier 4: Adaptive
Example: An organization at Tier 1 manages cybersecurity risk ad hoc and often reactively, without formalized practices or organization-wide awareness of risk, while an organization at Tier 4 adapts its practices based on lessons learned and predictive indicators and treats cybersecurity risk as part of its overall organizational risk management.
Framework Profile
The Framework Profile is the set of Category and Subcategory outcomes an organization selects from the Framework Core based on its business needs, risk tolerance, and available resources. Comparing a "Current" Profile (the outcomes being achieved today) with a "Target" Profile (the outcomes the organization wants to achieve) exposes the gaps and provides the basis for a prioritized action plan.
Example: A Current Profile might show that the organization only partially achieves the Respond outcomes, with incident handling that is ad hoc and untested, while the Target Profile calls for a documented, regularly exercised incident response plan with defined roles and communication paths.
Steps for Establishing or Improving a Cybersecurity Program
NIST describes a seven-step process, intended to be repeated as often as needed, that an organization can use to establish a new cybersecurity program or improve an existing one:
- Prioritize and Scope: Identify business/mission objectives and high-level organizational priorities.
- Orient: Identify related systems, assets, threats, and vulnerabilities.
- Create a Current Profile: Develop a profile that reflects the current state of cybersecurity practices.
- Conduct a Risk Assessment: Analyze the operational environment to discern the likelihood and impact of potential events.
- Create a Target Profile: Develop a profile that reflects the desired cybersecurity outcomes.
- Determine, Analyze, and Prioritize Gaps: Compare the Current and Target Profiles, determine the gaps, and create a prioritized action plan that weighs the risk assessment results, mission drivers, costs, and benefits.
- Implement Action Plan: Carry out the actions needed to close the gaps and move toward the Target Profile, then repeat the process to track progress and keep the Target Profile aligned with changing threats and business priorities.
Benefits of Using the Framework
Using the NIST Cybersecurity Framework can provide several benefits, including:
- Improved risk management and cybersecurity posture.
- Enhanced ability to communicate cybersecurity requirements with stakeholders.
- Alignment of policy, business, and technological approaches to managing cybersecurity risks.
- Increased efficiency in managing resources for cybersecurity efforts.
Conclusion
The NIST Cybersecurity Framework is a common-language, risk-based structure that organizations can use to improve their cybersecurity practices. Applying it helps an organization understand, manage, and reduce its cybersecurity risk, but the framework does not by itself guarantee protection of critical infrastructure or data; the outcomes it describes still have to be implemented, measured against the Target Profile, and revisited as threats and the business change.