A principal component of the NIST Cybersecurity Framework is the Framework Core, depicted in the figure below, which provides the overarching structure for the assignment of cybersecurity activities that support specific cybersecurity outcomes.

Figure 24. NIST Cybersecurity Framework Structure


The Framework Core comprises four elements at its highest level:

  • Functions organize basic cybersecurity activities at their highest level and help organizations manage cybersecurity risk.
    • Govern (GV) – The organization’s cybersecurity risk management strategy, expectations, and policy are established, communicated, and monitored….
    • Identify (ID) – The organization’s current cybersecurity risks are understood….
    • Protect (PR) – Safeguards to manage the organization’s cybersecurity risks are used….
    • Detect (DE) – Possible cybersecurity attacks and compromises are found and analyzed….
    • Respond (RS) – Actions regarding a detected cybersecurity incident are taken….
    • Recover (RC) – Assets and operations affected by a cybersecurity incident are restored….”163,164
  • Categories subdivide Functions into groups of cybersecurity outcomes that are topical in nature.
  • Sub-Categories further subdivide Categories into specific cybersecurity outcomes.
  • Informative References are standards, frameworks, guidelines, and best practices that support the outcomes specified by each Sub-category.”165,166

Figure 25. NIST Cybersecurity Framework Core Subcategories (Example)

163 Ibid., pp. 3 – 4.

164 Emphasis and bulletized structure added.

165 NIST (2018, 16 Apr), pp. 8 – 9.

166 Emphasis and bulletized structure added.