Despite a growing focus on defensive efforts, the number of successful cybersecurity breaches continues to rise. To address the growing threat, in 2013 an Executive Order (EO) was issued that provided a mandate to establish a voluntary common framework for cybersecurity defense.
As a result, the National Institute of Standards and Technology (NIST) was tasked with development of a common framework to strengthen cybersecurity defenses across critical infrastructure in all industries and organizations. This is more commonly known as the Cybersecurity Framework (CF). The NIST CF consists of standards, guidelines, and practices to promote the protection of critical infrastructure.
This white paper provides background information on the CF guidance and explains how organizations should use the framework to better manage and reduce cybersecurity risk.