Assess Technical Readiness
The National Institute of Standards and Technology (NIST) Cybersecurity Framework is voluntary guidance intended to help organizations to better manage and reduce cybersecurity risk. The Framework provides a set of desired cybersecurity activities and outcomes using common language that is easy to understand and communicate to all stakeholders.
The NIST Cybersecurity Framework consists of three-parts:
- The Framework Core helps organizations manage and reduce cybersecurity risk in a manner that complements their existing risk management practices.
- Framework Implementation Tiers help organizations assess the maturity of their existing cybersecurity risk management practices.
- Framework Profiles are unique to an organization and assist in defining and prioritizing cybersecurity requirements and objectives.