book

NIST CSF 2.0 - Your essential introduction to managing cybersecurity risks

by Andrew Pattison

February 2025

Beginner to intermediate

94 pages

1h 27m

English

IT Governance Publishing

Read now

Unlock full access

Origins of the CSFThe NIST Cybersecurity Framework
Relevant factors and variablesImplementation benefitsStructure
FunctionsCategoriesSubcategoriesFramework profilesFramework implementation tiers
Informative referencesNIST SP 800-53Implementation examplesQuick-start guides

GovernIdentifyProtectDetectRespondRecover
MethodologiesRisk responsesNIST Risk Management Framework
Step 1: Determine objectives, priorities, and scopeStep 2: Identify assets and risksStep 3: Create a current profileStep 4: Conduct a risk assessmentStep 5: Create a target profileStep 6: Perform a gap analysis and develop an action planStep 7: Implement the action planContinual improvementDecision-making and implementation responsibilities
ISO 27001ISO 22301Combining ISO 27001, ISO 22301, and the CSF

Content preview from NIST CSF 2.0 - Your essential introduction to managing cybersecurity risks

CHAPTER 7: ALIGNMENT WITH OTHER FRAMEWORKS

The CSF is an effective and flexible framework that is well-known across the United States, and increasingly across the rest of the world. However, one valid criticism of the framework is that it lacks independent verification. Even the most stringent target profile means little if the controls selected to meet outcomes are ineffective or poorly maintained.

With no independent way to verify compliance with the CSF, many organizations will ask their partners to instead achieve accredited certification to internationally recognized standards such as ISO 27001 and ISO 22301. These standards align closely with the CSF, and all three can be operated concurrently.

ISO 27001

ISO 27001 provides a specification ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks

Publisher Resources

ISBN: 9781787785687Publisher Website

NIST CSF 2.0 - Your essential introduction to managing cybersecurity risks

by Andrew Pattison

CHAPTER 7: ALIGNMENT WITH OTHER FRAMEWORKS

ISO 27001

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks

Cybersecurity and Third-Party Risk

A Comprehensive Guide to the NIST Cybersecurity Framework 2.0

From ChatGPT to HackGPT: Meeting the Cybersecurity Threat of Generative AI

Publisher Resources

CHAPTER 7: ALIGNMENT WITH OTHER FRAMEWORKS

ISO 27001

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks

Cybersecurity and Third-Party Risk

A Comprehensive Guide to the NIST Cybersecurity Framework 2.0

From ChatGPT to HackGPT: Meeting the Cybersecurity Threat of Generative AI

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.