NIST Framework

1100 WordsJan 29, 20184 Pages
Table of Contents SUMMARY OF NIST FRAMEWORK 3 NIST FRAMEWORK IN MAKING IT MANAGEMENT DECISIONS 5 Summary of NIST framework This report provides a summary of NIST Framework and its process based on the documents SP 800-30, SP 800-37 and SP 800-39. The national agencies in United States of America and also a lot of companies are relying on the framework in order to improve their infrastructure security settings. Cybersecurity threats can exploit their systems and cybersecurity risks can affect the company’s bottom line. It can drive up costs and impact revenue but it can also affect their ability to innovate, gain and maintain customers. The framework was created through the collaboration between several governmental agencies and the private sector and it has been made as simple as possible using common language to address and manage cybersecurity risks in a cost-effective way. The framework encourages companies and government agencies to address cyber security risk not only from the technological standpoint but also across employees, processes and technology dimensions similarly like the do safety, financial and operational risks. The framework consists of three parts: the framework core, the framework profile and the framework implementation tiers. It focuses on using business decisions and drivers to guide cybersecurity activities and recommends adding cybersecurity as part of the organization’s risk management process.
Open Document