N
CSF 2.0FrameworkFinalpublication

NIST Cybersecurity Framework (CSF) 2.0

Provides a comprehensive framework of cybersecurity outcomes organized into six functions: Govern, Identify, Protect, Detect, Respond, and Recover. Serves as a voluntary guidance for organizations of all sizes and sectors to manage and reduce cybersecurity risk.

View on NIST.gov
Publication Number
CSF 2.0
Series
Framework
Status
Final
Date
2024-02
cybersecurity frameworkrisk managementCSFgovernidentifyprotect

References(21)

SP 800-53r5SP 800-53 Rev. 5 - Security and Privacy Controls for Information Systems and OrganizationsSP 800-37r2SP 800-37 Rev. 2 - Risk Management Framework for Information Systems and OrganizationsSP 800-171r3SP 800-171 Rev. 3 - Protecting Controlled Unclassified Information in Nonfederal Systems and OrganizationsNISTIR 8286NISTIR 8286 - Integrating Cybersecurity and Enterprise Risk Management (ERM)SP 800-39SP 800-39 - Managing Information Security RiskSP 800-218SP 800-218 - Secure Software Development Framework (SSDF)SP 800-161r1SP 800-161 Rev. 1 - Cybersecurity Supply Chain Risk Management PracticesPrivacy FWNIST Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management, Version 1.0AI RMF 1.0Artificial Intelligence Risk Management Framework (AI RMF 1.0)SP 800-181r1SP 800-181 Rev. 1 - Workforce Framework for Cybersecurity (NICE Framework)NISTIR 8374NISTIR 8374 - Cybersecurity Framework Profile for Ransomware Risk ManagementSP 800-61r3SP 800-61 Rev. 3 - Incident Handling GuideNISTIR 8596NISTIR 8596 - Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile)NISTIR 8228NISTIR 8228 - Considerations for Managing IoT Cybersecurity and Privacy RisksNISTIR 8276NISTIR 8276 - Key Practices in Cyber Supply Chain Risk ManagementNISTIR 8286DNISTIR 8286D - Using Business Impact Analysis to Inform Risk Prioritization and ResponseNISTIR 8183r1NISTIR 8183 Rev. 1 - Cybersecurity Framework Manufacturing ProfileNISTIR 8425NISTIR 8425 - Profile of the IoT Core Baseline for Consumer IoT ProductsNISTIR 8401NISTIR 8401 - Satellite Ground Segment: Applying the Cybersecurity FrameworkNISTIR 8323r1NISTIR 8323 Rev. 1 - Foundational PNT Profile: Applying the Cybersecurity Framework for PNT ServicesNISTIR 8170NISTIR 8170 - Approaches for Federal Agencies to Use the Cybersecurity Framework

Implementations(7)

NISTIR 7621r1NISTIR 7621 Rev. 1 - Small Business Information SecurityNISTIR 8374NISTIR 8374 - Cybersecurity Framework Profile for Ransomware Risk ManagementNISTIR 8596NISTIR 8596 - Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile)NISTIR 8183r1NISTIR 8183 Rev. 1 - Cybersecurity Framework Manufacturing ProfileNISTIR 8401NISTIR 8401 - Satellite Ground Segment: Applying the Cybersecurity FrameworkNISTIR 8323r1NISTIR 8323 Rev. 1 - Foundational PNT Profile: Applying the Cybersecurity Framework for PNT ServicesNISTIR 8170NISTIR 8170 - Approaches for Federal Agencies to Use the Cybersecurity Framework

Functions(6)

GVGovern (GV)
IDIdentify (ID)
PRProtect (PR)
DEDetect (DE)
RSRespond (RS)
RCRecover (RC)