ELI5: What is the NIST Cybersecurity Framework?
Imagine a five-step recipe for keeping your treehouse safe: figure out what you have, protect it, watch for intruders, deal with them if they show up, and fix any damage afterward.
Definition
The NIST Cybersecurity Framework (CSF) is a voluntary, risk-based framework developed by the National Institute of Standards and Technology (NIST) to help organizations manage and reduce cybersecurity risk. Originally designed for US critical infrastructure, it has been widely adopted across all sectors globally. The framework is organized around five core functions — Identify, Protect, Detect, Respond, Recover — which together form a continuous cycle of cybersecurity risk management.
Key Details
- Identify: understand assets, risks, and governance (asset management, risk assessment, supply chain)
- Protect: implement safeguards (access control, awareness training, data security, protective technology)
- Detect: identify cybersecurity events (anomalies, continuous monitoring, detection processes)
- Respond: take action on detected events (response planning, communications, analysis, mitigation)
- Recover: restore capabilities after incidents (recovery planning, improvements, communications)
- CSF 2.0 (released 2024) added a sixth function: Govern, placing governance at the center of all five functions
Connections
- Parent: regulations-and-frameworks — NIST CSF is the most widely adopted US cybersecurity framework
- See also: nist-sp-800-53
- See also: iso-27001-27002