NIST CSF Overview
4 likes2,143 views
The document outlines the objectives and components of the NIST Cybersecurity Framework (CSF), emphasizing its role in assessing and improving organizational security postures. It describes key elements such as the framework core functions—identify, protect, detect, respond, and recover—alongside implementation tiers that reflect the organization’s risk perception and management. The CSF enhances communication around cybersecurity by providing a structured approach to measure and achieve desired security outcomes while aligning with existing regulations and standards.
NIST CSF Overview
- 1. NIST CSF CP 100 - Pune
- 2. Objectives of CSF in a Nutshell Describe Current Security Posture Describe Target Security Posture Continuous Improvement Assess Progress towards Target Posture Communicate Risk
- 3. A framework of Frameworks ISA62443 ISO/IEC 27001 CCS CSC1 NIST SP 800 - 53 COBIT 5 NIST cyber security Framework
- 4. Framework Profile (Where you are and where you want to go) Framework Implementation Tiers (How you view cybersecurity) Framework Core (What it does) •Defines (measures) current state •Defines (measures) desired state •Tiers (4) that show how cybersecurity risks and processes are viewed within an organization •Required Tier based on perceived risk/benefit analysis •Identify •Protect •Detect •Restore •Recover High Level overview of the framework
- 6. Framework core functions explained.. Identify • Understand what’s important to the business and what the risks are Protect • Develop safeguards to ensure CIA Detect • Find bad things Respond • What you do when bad things happen Recover • How to restore what the bad guys broke
- 8. Function Unique Identifier Function Category Unique Identifier Category Subcategor y Informative References ID Identify ID.AM-1 Asset Manageme nt Physical devices within the organization are inventoried • CCS- CSC1 • COBIT 5 • ISA- 62443-2- 1:2009 ID.AM-2 Asset Manageme nt Software Platforms and Applications within the organization are inventoried • CCS- CSC1 • COBIT 5 • ISA- 62443-2- 1:2009 Structured example
- 9. Framework Implementation Tiers • How cybersecurity risks and processes are viewed within organization Partial Risk Informed Repeatable Adaptable Sophistication
- 10. Framework profile • Presents overview of present and future cybersecurity posture – Business Requirements – Risk Tolerance – Resources • Used to define current state and desired state – Can help measure progress...
- 11. A Common Language for All Levels Priorities Risk Appetite Budget Framework Profile Implementation Progress Vulnerabilities, Threats, Assets Status, Changes in Risk Executive Level Focus: Organizational risk Actions: Risk Decision/Priority Operations Level Focus: Risk Management Implementation Actions: Secure Infrastructure, Implement Profile Process Level Focus: Risk Management Actions: Select Profile, Allocate Budget
- 12. Process Prioritize and Scope Business Objectives Priorities Strategy Orient Related Systems Assets Regulations Risk Assessment Exposure Tolerance Create Current Profile Where you are now Create Target Profile Where you need to be Gap Analysis Delta between Current/Target Action Plan MEASURE
- 13. How is NIST CSF Different? • Expresses cybersecurity activities in a common language • Leverages existing standards – does not reinvent the wheel – can map existing processes/guidelines into CSF • Provides crucial guidance for reinforcing security controls while maintaining a focus on business objectives • Provides a vehicle to effectively measure cybersecurity effectiveness independent of existing framework
- 14. Thank you