NIST Cybersecurity Framework

About the Framework

The NIST Cybersecurity Framework was created through collaboration between government and the private sector. It uses a common language to address and manage cybersecurity risk in a cost-effective way based on business needs without placing additional regulatory requirements on businesses. The Framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes. The Framework consists of three parts: the Framework Core, the Framework Profile, and the Framework Implementation Tiers. Each Framework component reinforces the connection between business drivers and 188 cybersecurity activities.

Original NIST Cybersecurity Framework