What is NIST CSF Compliance?
The National Institute of Standards and Technology (NIST) promotes a Cyber Security Framework (CSF) to enable organizations to better manage and reduce Cybersecurity risk. The Framework, which was created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk. It is also common to use the NIST Cybersecurity Framework to augment regulations like HIPAA. The NIST CSF Framework consists of five core functions - IDENTIFY, PROTECT, DETECT, RESPOND and RECOVER. These five core functions are further divided in to category and sub-category. One of the key features of this framework is to assess an organization's ability to RESPOND and RECOVER from a cyber incident.