NIST Cybersecurity Framework (CSF)
Cybersecurity refers specifically to provisioning secure processing hardware and software.
- Information security and cybersecurity tasks can be classified as five functions (CSF 1.1)
  - following the framework developed by NIST
- Identify
  - develop security policies and capabilities
  - evaluate risks, threats, and vulnerabilities and recommend security controls to mitigate them
- Protect
  - procure/develop, install, operate, and decommission IT hardware and software assets with security as an embedded requirement of every stage of this operation’s lifecycle
- Detect
  - perform ongoing, proactive monitoring to ensure that controls are effective and capable of protecting against new types of threats
- Respond
  - identify, analyze, contain, and eradicate threats to systems and data security
- Recover
  - implement cybersecurity resilience to restore systems and data if other controls are unable to prevent attacks
New CSF 2.0
- uses 6 functions
  - Govern, Identify, Protect, Detect, Respond, Recover
- Cybersecurity Framework 2.0