Use NIST's Framework to manage and control cybersecurity threats and attacks.
Use it to protect critical infrastructure and to safeguard the health, safety, security,
and privacy of customers, employees, and other interested parties. For more
detail, see NIST's Cybersecurity Framework Translated into Plain English.
ID. Identify your context
ID.AM Identify all relevant assets.
ID.BE Identify business environment.
ID.GV Identify governance framework.
ID.RA Identify threats and vulnerabilities.
ID.RM Identify risk management strategy.
ID.SC Identify strategy for supply chains.
PR. Protect your assets
PR.AC Protect assets by managing access.
PR.AT Protect assets by managing awareness.
PR.DS Protect assets by managing data security.
PR.IP Protect assets by managing information.
PR.MA Protect assets by managing maintenance.
PR.PT Protect assets by managing technologies.
DE. Detect your anomalies
DE.AE Detect anomalies by analyzing events.
DE.CM Detect anomalies by monitoring systems.
DE.DP Detect anomalies by maintaining processes.
RS. Respond to incidents
RS.RP Respond to incidents by controlling steps.
RS.CO Respond to incidents by coordinating action.
RS.AN Respond to incidents by analyzing the situation.
RS.MI Respond to incidents by mitigating the damage.
RS.IM Respond to incidents by making improvements.
RC. Recover from incidents
RC.RP Recover from incidents by controlling steps.
RC.IM Recover from incidents by making improvements.
RC.CO Recover from incidents by coordinating activities.
If you'd like to see how we've translated each
of the above sections into
Plain English, please check out our more detailed Cybersecurity Framework.
Updated on March 31 2020.
First published on January 18, 2020.
Praxiom Research Group Limited firstname.lastname@example.org 780-461-4514
Legal Restrictions on the Use of
Copyright © 2020 by Praxiom Research Group Ltd. All Rights Reserved.