Framework
Available nowNIST Cybersecurity Framework 2.0
A voluntary, risk-based framework from NIST that helps any organization manage and reduce cybersecurity risk.
At a glance
Best for
Any size organization that wants a flexible, risk-based baseline to start from.
- Six functions: Govern, Identify, Protect, Detect, Respond, Recover
- 22 categories and 106 outcome subcategories
- Four tiers: Partial, Risk Informed, Repeatable, Adaptive
- Voluntary, risk-based and organization-agnostic
How you adopt it
Phased: current-state profile, target profile, then a prioritized gap analysis.
Helps you prepare for