NIST Cybersecurity Framework (CSF)

The National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity (NIST Cybersecurity Framework) organizes basic cybersecurity activities at their highest level. These highest levels are known as functions:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recovery

These help agencies manage cybersecurity risk by organizing information, enabling risk management decisions, addressing threats, and learning from previous activities.

Categories are subdivisions of a function. They group cybersecurity outcomes closely tied to programmatic needs and particular activities.

CSF product and service providers

We provide cybersecurity solutions related to these CSF functions through the following IT Security services and products:

The table below provides links to service providers who qualified to be part of the HACS SIN, and to CDM products approved by the Department of Homeland Security.

CSF Functions Identify Protect Detect Respond Recover
IT Security Services HACS SIN
IT Security Products CDM APL Tools

CSF functions and categories

  • Identify — Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.
    Categories: Asset Management, Business Environment, Governance, Risk Assessment, Risk Management Strategy, Supply Chain Risk Management.
  • Protect — Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services.
    Categories: Identity Management, Authentication and Access Control, Awareness & Training, Data Security, Info Protection & Procedures, Maintenance, Protective Technology.
  • Detect — Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
    Categories: Anomalies & Events, Security Continuous Monitoring, Detection Process.
  • Respond — Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.
    Categories: Response Planning, Communications, Analysis, Mitigation, Improvements.
  • Recover — Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.
    Categories: Response Planning, Improvements, Communications.
Last Reviewed: 2022-07-01