Chapter 3: Framework profiles

The Framework profiles (‘profiles’) describe how cybersecurity is handled within the organization, either currently (‘current profile’) or as an aspiration (‘target profile’). They track the organization’s cybersecurity outcomes, and cybersecurity obligations and requirements, so the organization needs a solid understanding of both before it can achieve its cybersecurity objectives.

In essence, the profiles are a way for an organization to determine where its cybersecurity activities are now, and where they need to be. In other words, the profiles are an opportunity for an organization to establish a roadmap for its journey to managing cybersecurity risks more effectively. If an organization is particularly large ...

Get NIST Cybersecurity Framework - A pocket guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

NIST Cybersecurity Framework - A pocket guide by Alan Calder

CHAPTER 3: FRAMEWORK PROFILES

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly