NIST Flashcards
NIST Cybersecurity Framework
Develop a program to identify, assess, and manage cybersecurity risks in a cost-effective and repeatable manner
A voluntary framework that includes three primary components to manage cybersecurity risk:
1. Framework core
2. Framework implementations
3. Framework profile
Framework Core
The framework core consists of 5 areas of focus, or functions, which represent different points in the security risk management life cycle that help enhance cybersecurity protection
Implementation tiers
Tiers act as a benchmark, identifying the degree to which information security practices are integrated throughout an organization.
Framework profiles
Determine the success or failure of information security implementation, whereas the implementation tiers inform an organization as to the effectiveness of those profiles
NIST Privacy Framework
Framework to protect individuals' data as used in data processing applications. Developed to be industry-agnostic and to account for cultural and individual constructs around privacy.
NIST SP 800-53
A stricter standard designed for protecting information systems against sophisticated threats.