top of page

NIST Cybersecurity Framework Reference

The National Institute of Standards and Technology makes a free cybersecurity framework reference tool available on its site at: Unzip and run the .exe file and you'll get a great tool that will help a firm or client implement cybersecurity practices according to standard practices and guidelines.

As you can see the framework has five main stages: IDENTIFY; PROTECT; DETECT; RESPOND; RECOVER.

This little program really just integrates outlines of five different cybersecurity guides. The Council on Cybersecurity's Critical Security Controls; Control Objectives for Information and Related Technologies COBIT 5; International Society for Automation's 62443 Standards; the International Organization for Standardization / International Electrotechnical Information Security Management ISO/IEC 27001:2013; and the National Institute of Standards and Technologies' Security and Privacy Controls for Federal Information Systems and Organizations, NIST SP 800-53 Rev. 3.

The Framework really just points you to specific sections in each resource in which you can look up more specific information on how to address particular problems. So in this selection we see where to find more information on how to make sure your detection processes can deal with anomalous events by making concerned parties aware of them.

bottom of page