The NIST Cybersecurity Framework is a living document that has undergone at least one major revision, 1.1, and will likely continue to evolve over the coming years. One of the more complex additions encompassed in the Framework during its last revision is an entire roadmap for manufacturing or industrial entities. This additional and specific profile to the 1.1 version of the Framework has been published as a separate document, NISTIR 8183 REV. 1 at https://nvlpubs.nist.gov/nistpubs/ir/2020/NIST.IR.8183r1.pdf.

NIST intends for users to apply the roadmap “for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals and industry best practices.” Built around the primary functional areas of the Framework – Identify (Figure 6.1), Protect (Figure 6.2), Detect (Figure 6.3), Respond (Figure 6.4), and Recover (Figure 6.5) – the “Manufacturing ...