Roadmap to becoming a developer in 2022

Cybersecurity Framework (CSF) Summary

The Cybersecurity Framework (CSF) is a set of guidelines aimed at helping organizations better protect their critical infrastructure from cyber threats. Developed by the National Institute of Standards and Technology (NIST), this voluntary framework provides a flexible, risk-based approach to managing cybersecurity risks.

Key Components of CSF

CSF comprises three key components:

  • Core - Consists of five functions, each representing a high-level cybersecurity activity:

    • Identify: Understand the organization's cybersecurity risks.
    • Protect: Implement safeguards to protect the critical infrastructure.
    • Detect: Identify the occurrence of a potential cybersecurity event.
    • Respond: Develop and implement appropriate actions to address detected cybersecurity events.
    • Recover: Implement plans to restore systems and services after a cybersecurity incident.
  • Tiers - Provide context for organizations to consider the robustness of their cybersecurity program:

    • Tier 1: Partial – Minimal cybersecurity risk management practices.
    • Tier 2: Risk Informed – Risk management practices in place, but not consistently applied.
    • Tier 3: Repeatable – Risk management practices are consistent across the organization.
    • Tier 4: Adaptive – Proactive approach to managing cybersecurity risks.
  • Profiles - Organizations create profiles to align their cybersecurity activities with their organizational goals, risk tolerance, and resources. A target profile represents desired outcomes, whereas a current profile reflects the current state of cybersecurity programs.

Benefits of Implementing CSF

  • Enhanced understanding of cybersecurity risks and corresponding management strategies within an organization.
  • Improved ability to prioritize cybersecurity investments based on risk assessments.
  • Strengthened communication between different departments and stakeholders regarding cybersecurity expectations and progress.
  • Compliance with industry standards and guidelines, including support for organizations subject to regulatory requirements.

CSF offers organizations a structured approach to improving their cybersecurity posture. By following this framework, organizations can manage their cybersecurity risks more effectively, create a stronger defense against cyberattacks, and maintain the resilience of their critical infrastructure.