Chapter 2: Framework core

The Framework core (‘core’) is, in essence, the actual cybersecurity functions that protect your organization. It takes a structured approach to managing cybersecurity risk, and outlines the key outcomes of implementing the Framework. The core has four elements:

•Functions

•Categories

•Subcategories

•Informative references

Figure 1 illustrates the core structure.

Figure 1: Framework core structure (Source: NIST Cybersecurity Framework, Section 2.1)

Functions

The core recognises five functions that outline how to organize cybersecurity activities:

1.Identify potential cybersecurity risks to your information assets

Get NIST Cybersecurity Framework - A pocket guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

NIST Cybersecurity Framework - A pocket guide by Alan Calder

CHAPTER 2: FRAMEWORK CORE

Functions

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly