NIST Cybersecurity Framework (CSF) is a voluntary, outcomes-driven framework developed by the National Institute of Standards and Technology (NIST). The framework is built to reduce cybersecurity risks to infrastructure in sectors that are vital to national or economic security. These areas may include energy, banking, communications, and the defense industrial base.

How It Works

NIST CSF guides the management and reduction of cybersecurity risks in line with your company’s existing risk management.  NIST CSF has three main components: Framework Core, Implementation Tiers, and Profile. These components allow you to allocate resources consistent with your objectives, operations, and maturity.

With the Risk Cloud Controls Repository, you can download NIST CSF directly into your Application to assess and maintain the effectiveness of your controls.

Why You Need It

• Provide a framework to promote organization-wide consistency in your risk-management decision making
• Establish a common language and methodology at your company for managing cybersecurity risk
• Get more flexibility when it comes to managing cybersecurity risk, based on your organizational objectives and resources