NIST Cybersecurity Framework (CSF)

The National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity (NIST Cybersecurity Framework) organizes basic cybersecurity activities at their highest level. These highest levels are known as functions:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recovery

These help agencies manage cybersecurity risk by organizing information, enabling risk management decisions, addressing threats, and learning from previous activities.

Categories are subdivisions of a function. They group cybersecurity outcomes closely tied to programmatic needs and particular activities.

CSF Product and Service Providers

We provide products and services related to these CSF functions and categories through the following IT Security Special Item Numbers (SINs):

The table below links these SINs to associated CSF functions. The links provide information on suppliers that qualified to be part of these SINs, and are ready to assist agencies with their IT Security requirements.

CSF Functions Identify Protect Detect Respond Recover
IT Security Services HACS SIN HACS SIN HACS SIN HACS SIN HACS SIN
IT Security Products CDM Tools SIN CDM Tools SIN CDM Tools SIN CDM Tools SIN

CSF Functions and Categories

Identify - Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.

Categories - Asset Management, Business Environment, Governance, Risk Assessment, Risk Management Strategy, Supply Chain Risk Management.

Protect - Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services.

Categories - Identity Management, Authentication and Access Control, Awareness & Training, Data Security, Info Protection & Procedures, Maintenance, Protective Technology.

Detect - Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.

Categories - Anomalies & Events, Security Continuous Monitoring, Detection Process.

Respond - Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.

Categories - Response Planning, Communications, Analysis, Mitigation, Improvements.

Recover - Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.

Categories - Response Planning, Improvements, Communications.

Last Reviewed: 2019-12-12