book

NIST CSF 2.0 - Your essential introduction to managing cybersecurity risks

February 2025

Beginner to intermediate

94 pages

1h 27m

English

Read now

Unlock full access

Origins of the CSFThe NIST Cybersecurity Framework
Relevant factors and variablesImplementation benefitsStructure
FunctionsCategoriesSubcategoriesFramework profilesFramework implementation tiers
Informative referencesNIST SP 800-53Implementation examplesQuick-start guides

GovernIdentifyProtectDetectRespondRecover
MethodologiesRisk responsesNIST Risk Management Framework
Step 1: Determine objectives, priorities, and scopeStep 2: Identify assets and risksStep 3: Create a current profileStep 4: Conduct a risk assessmentStep 5: Create a target profileStep 6: Perform a gap analysis and develop an action planStep 7: Implement the action planContinual improvementDecision-making and implementation responsibilities
ISO 27001ISO 22301Combining ISO 27001, ISO 22301, and the CSF

GLOSSARY

Category	Subdivisions of the framework core’s functions, organizing specific cybersecurity outcomes within each function.
Control	A way of managing risk, including policies, procedures, guidelines, practices, or organizational structures, which can be of an administrative, technical, management, or legal nature.
Current profile	Description of an organization’s current cybersecurity activities and their outcomes.
Cyber resilience	A system of defenses and the ability to respond to and recover from an attack when necessary.
Event	Something that occurs (or is notable by not occurring) that may or may not be an incident.
Framework core	A structured description of best-practice cybersecurity functions that protect an organization. ...

Alan Calder

Gregory C. Rasner

Jason Edwards

Karen Renaud, Merrill Warkentin, George Westerman

ISBN: 9781787785687Publisher Website