github
/
developer-roadmap
mirror of https://github.com/kamranahmedse/developer-roadmap.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Roadmap to becoming a developer in 2022
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5245 Commits
209 Branches
4 Tags
445 MiB
 
 
 
 
 
Tag: Branch: Tree: 7f776808df
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7f776808df'
${ noResults }
developer-roadmap/src/data/roadmaps/cyber-security/content/csf@HjfgaSEZjW9BOXy_Ixzkk.md

35 lines
2.4 KiB
Raw Blame History

# CSF
## Cybersecurity Framework (CSF) Summary
The Cybersecurity Framework (CSF) is a set of guidelines aimed at helping organizations better protect their critical infrastructure from cyber threats. Developed by the National Institute of Standards and Technology (NIST), this voluntary framework provides a flexible, risk-based approach to managing cybersecurity risks.
## Key Components of CSF
CSF comprises three key components:
- **Core** - Consists of five functions, each representing a high-level cybersecurity activity:
- Identify: Understand the organization's cybersecurity risks.
- Protect: Implement safeguards to protect the critical infrastructure.
- Detect: Identify the occurrence of a potential cybersecurity event.
- Respond: Develop and implement appropriate actions to address detected cybersecurity events.
- Recover: Implement plans to restore systems and services after a cybersecurity incident.
- **Tiers** - Provide context for organizations to consider the robustness of their cybersecurity program:
- Tier 1: Partial – Minimal cybersecurity risk management practices.
- Tier 2: Risk Informed – Risk management practices in place, but not consistently applied.
- Tier 3: Repeatable – Risk management practices are consistent across the organization.
- Tier 4: Adaptive – Proactive approach to managing cybersecurity risks.
- **Profiles** - Organizations create profiles to align their cybersecurity activities with their organizational goals, risk tolerance, and resources. A target profile represents desired outcomes, whereas a current profile reflects the current state of cybersecurity programs.
## Benefits of Implementing CSF
- Enhanced understanding of cybersecurity risks and corresponding management strategies within an organization.
- Improved ability to prioritize cybersecurity investments based on risk assessments.
- Strengthened communication between different departments and stakeholders regarding cybersecurity expectations and progress.
- Compliance with industry standards and guidelines, including support for organizations subject to regulatory requirements.
CSF offers organizations a structured approach to improving their cybersecurity posture. By following this framework, organizations can manage their cybersecurity risks more effectively, create a stronger defense against cyberattacks, and maintain the resilience of their critical infrastructure.