The NIST Cybersecurity Framework, created through collaboration between government and the private sector, uses a common language to address and manage cybersecurity risk in a cost-effective way based on business needs without placing additional regulatory requirements on businesses. It may also help to ensure that third party providers adhere to baseline cybersecurity standards. The Framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes.
To read the Framework for Improving Critical Infrastructure Cybersecurity in its entirety, click here.