Fandom

The IT Law Wiki

Framework for Improving Critical Infrastructure Cybersecurity

32,169pages on
this wiki
Add New Page
Talk0 Share

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.

Citation Edit

National Institute of Standards and Technology, Framework for Improving Critical Infrastructure Cybersecurity (Ver. 1.0), 79 Fed. Reg. 9167 (Feb. 12, 2014) (full-text).

Overview Edit

This Framework, created through collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.

The Framework is risk-based, and is composed of three parts: the Framework Core, the Framework Profile, and the Framework Implementation Tiers. The Framework provides a common taxonomy and mechanism, based on existing standards, guidelines, and practices, for organizations to:

It provides a thorough, yet flexible risk-based approach for understanding where an organization stands in terms of its cybersecurity activities and where it would like to be to ensure that it is able to achieve its cybersecurity risk management priorities as defined by organizational goals, legal and regulatory requirements, and industry best practices.

This perspective helps reframe cybersecurity issues in risk management terms that may be more understandable for decision-makers, i.e., whether a firm should mitigate, transfer, accept or avoid a risk.

Companion document Edit

NIST also issued a companion document "NIST Roadmap for Improving Critical Infrastructure Cybersecurity," which discusses NIST's next steps with the Framework and identifies key areas of development, alignment, and collaboration.

Also on Fandom

Random Wiki