What is the NIST Cyber Security Framework?

Who is NIST?
NIST is one of the oldest physical science labs in the U.S. and its core mission is to enable, foster and support innovation. It does this by establishing critical measurement of technology which enables the user to place trust in the accuracy of that technology. NIST was tasked with creating a framework to reduce cyber risk to critical infrastructure (CI), and this is how the NIST Cyber Security Framework was born.
What is the NIST Cyber Security Framework?
It is a framework that helps organizations worldwide to manage their cyber security risks. It does this by providing a common language and approach for business professionals of all career stages, roles, industries and business sizes. From day one of its creation, it was observed that the vulnerabilities of CI are not isolated, they exist and are interconnected with the global economy. For this reason, a global and industry-wide perspective needed to be taken which today enables organizations to develop a unified understanding of their cyber risk.

Who can use it? 
Because NIST is not a regulatory body and has such long-standing and varied scientific expertise that has been baked into the framework, it can be used by any sized organization in any industry. NIST works with organizations around the world to ensure that their system of measurement is continuously evolving and remains applicable to all business sizes and industries at a global scale. 

What are the Benefits?
Applying NIST to your organization will help to protect business assets and support the business mission and strategy by providing a prioritized, flexible, repeatable and cost-effective approach to help you identify, assess and manage cyber risks. 

Where can I Learn More?
Check out https://www.nist.gov/ and become a NIST expert with ICTTF's on demand course at ncsecourse.com

Ella O’Neill is a Cyber Agent at ICTTF