Executive Summary
Developed in response to Executive Order 13636, the NIST Cybersecurity Framework (the “Framework”) was published in February 2014 following a collaborative process between industry, academia and government organizations. The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation’s critical infrastructure, such as bridges and the electric power grid. But the framework has been widely adopted by many types of organizations across the country and around the world. Organizations that have adopted the Framework have found it to be an extremely valuable tool for fostering communications about risk management and cybersecurity amongst organizational stakeholders.
NIST defines the Framework as guidance, intended to be customized by various sectors and individual organizations to best suit their risks, situations, and needs. The Framework is not intended to be implemented as a static compliance checklist but rather a flexible, ongoing process and risk management tool.
The Framework’s Core five “Functions” offer a way to organize cybersecurity risk management activities at their highest levels using words that can be applied across risk management disciplines: Identify, Protect, Detect, Respond, and Recover.
This white paper explains how federal organizations can leverage Fortra™’s Digital Guardian® ’s the Data Protection Platform across these five Functions to more effectively implement eight strategic objectives of the Framework.
Reference: https://www.nist.gov/cyberframework