NIST Cyber Security Framework

The National Institute of Standards and Technology is a physical sciences laboratory and non-regulatory agency of the United States Department of Commerce. Its mission is to promote American innovation and industrial competitiveness.

NIST CSF Success Story: University of Kansas Medical Center

 “The Information Security team at the University of Kansas Medical Center is using the Baldrige Cybersecurity Excellence Builder as a framework for self-assessment and program development. The BCEB is a powerful tool, especially when used in conjunction with the NIST Cybersecurity Framework. I don’t think that it’s overly dramatic to say that we’re going to …

NIST CSF Success Story: University of Kansas Medical Center Read More »

NIST CSF Success Story: University of Pittsburgh

 “We’re really happy with the NIST Cybersecurity Framework. Using NIST 800-171 assessments eases the grant proposal and submittal process—allowing us to focus on our passion for research.”  – Jonathan C. Silverstein, MD, MS, FACS, FACMI, Chief Research Informatics Officer, Department of Biomedical Informatics, University of Pittsburgh School of Medicine  Benefits from Using the Framework:  As …

NIST CSF Success Story: University of Pittsburgh Read More »

NIST CSF Success Story: ISACA

“The value of the NIST Cybersecurity Framework cannot be overstated for our organization, as the Framework has provided a common language to organize and communicate about our events, cybersecurity certifications, and training offerings.” – Frank Downs, Director of Cybersecurity Practices, ISACA Benefits from Using the Framework: The Cybersecurity Framework has helped ISACA to provide the “so what” when …

NIST CSF Success Story: ISACA Read More »

NIST CSF Success Story: University of Chicago Biological Sciences Division

“There are many security frameworks, but we found that the Cybersecurity Framework was well-aligned with our main objective, which was to establish a common language for communicating cybersecurity risks across the Division,” – Plamen Martinov, BSD CISO Benefits from Using the Framework: Aligned security risk expectations across all 23 departments through a risk register aligned to …

NIST CSF Success Story: University of Chicago Biological Sciences Division Read More »

NIST CSF Success Stories: Government of Bermuda

“NIST’s Cybersecurity Framework has provided us with a comprehensive roadmap to ensure effective cybersecurity practices are implemented across Government.” – Hon. Wayne M. Caines, JP, MP., Minister of National Security Benefits Received from Implementing the Framework: Alignment of information systems with business security needs across ministries and departments. Identification of information gaps and security controls deficiencies …

NIST CSF Success Stories: Government of Bermuda Read More »

Relationship Between the NIST CSF Framework and Other Approaches and Initiatives

What is the relationship between the Cybersecurity Framework and the NICE Cybersecurity Workforce Framework? Workforce plays a critical role in managing cybersecurity, and many of the Cybersecurity Framework outcomes are focused on people and the processes those people perform. While some outcomes speak directly about the workforce itself (e.g., roles, communications, training), each of the …

Relationship Between the NIST CSF Framework and Other Approaches and Initiatives Read More »

NIST CSF FAQs: Using, Adopting and Implementing NIST

Using The Framework What is the difference between ‘using’, ‘adopting’, and ‘implementing’ the Framework? In a strict sense, these words are fairly interchangeable. They can mean an organization’s use of the Framework as a part of its internal processes. NIST generally refers to “using” the Framework. Would the Framework have prevented recent highly publicized attacks? …

NIST CSF FAQs: Using, Adopting and Implementing NIST Read More »

NIST Cyber Security Framework Components

What is the Framework Core and how is it used? The Framework Core is a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors. An example of Framework outcome language is, “physical devices and systems within the organization are inventoried.” The Core presents industry standards, guidelines, and practices …

NIST Cyber Security Framework Components Read More »

NIST CSF Framework Users

What critical infrastructure does the Framework address? Critical infrastructure (for the purposes of this Framework) is defined in Presidential Policy Directive (PPD) 21 as: “Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, …

NIST CSF Framework Users Read More »

NIST CSF Framework Basics

What is the Framework, and what is it designed to accomplish? The Framework is voluntary guidance, based on existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk. In addition to helping organizations manage and reduce risks, it was designed to foster risk and cybersecurity management communications amongst both internal and external organizational …

NIST CSF Framework Basics Read More »

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.