The National Institute of Standards and Technology’s Cyber Security Framework, NIST-CSF, is a broad-based initiative to increase the security posture of organizations of all sectors and sizes. While some may be familiar with the venerable NIST SP 800 series of computer security publications, the new framework incorporates this and other standards as reference for a less technical and more organizational approach to information security within a company. It is expected that the NIST-CSF will become a recommended application and best practice in many sectors, and might be part of future contractual requirements for companies doing business with the federal government.
Our novaturient experts are actively engaged in the NIST-CSF development process via public notices and meetings, and have taken a closer look at the current version. In a six-part series, we will introduce the CSF and its functions, categories, and subcategories.