Published Date: 06-MAY-2024.
report@fixitgearware.com
Our Website: https://www.fixitgearware.com/
Our Affiliate Store: https://www.fixitgearware.com/store/
Donation & Support: https://www.fixitgearware.com/services/donations_support/
Read the MIT-LICENCE
THE NIST CSF 2.0: A NEW REFERENCE GUIDE FOR PLANNING AN ORGANIZATION'S "RISK ASSESSMENT & RISK MANAGEMENT".
The NIST Cybersecurity Framework (V1.1) originated from the United States of America's concern for its national and economic security, which relies heavily on the functioning of its critical infrastructure.
To ensure the resilience and longevity of that infrastructure, Barack Obama, President of the United States at the time, issued Executive Order 13636 (EO) (see the Executive Orders 13636 and 13691 Privacy and Civil Liberties Assessment Reports), titled "Improving Critical Infrastructure Cybersecurity", on February 12th, 2013.
The executive order initiated the voluntary development of a Cybersecurity Framework. This Framework offers a "prioritized, flexible, repeatable, performance-based, and cost-effective approach" that assists organizations operating critical infrastructure services in managing cybersecurity risk.
Ever since the Framework was created, cybersecurity professionals have used it as a guideline for planning how their organization manages its cybersecurity risk and for prioritizing cybersecurity as a key component of the organization.
In its commitment to cybersecurity awareness and risk management, 11 years and 13 days later, the National Institute of Standards and Technology (NIST) published a new manual. This new document, titled CSF 2.0 (Cybersecurity Framework 2.0), is a revision of Cybersecurity Framework V1.1 and was officially released on February 26, 2024.
CSF 2.0 introduces substantial changes, most notably the new "GOVERN" Function. What does this mean? Organizations can now apply the Functions of the Cybersecurity Framework 2.0 (CSF 2.0) when planning their cybersecurity risk management strategy for protecting their critical infrastructure.
- FUNCTION: This column lists the Functions of the NIST CSF 2.0.
- ID: This column contains the unique identifier assigned to the Function in that row, e.g. the ID of Govern is 'GV'.
- BRIEF EXPLANATION: This column explains what the Function in that row is about, e.g. Govern -> GV -> "The Organization's Cybersecurity Risk Management Strategy".
- CATEGORIES: Lists the Categories assigned to the Function in that row, e.g. Govern -> GV -> GV.OC, GV.RM, GV.RR, GV.PO, GV.OV, GV.SC.
- CSF (V1.1) REFERENCE: Links to the old version of the Framework.
- CATEGORY WITHDRAWN: This column contains the Categories that were withdrawn from the Function relative to NIST CSF V1.1.
- NEW CATEGORY: Lists the new Categories introduced in the Function, e.g. IDENTIFY -> ID -> ID.IM Improvement (a new Category in the IDENTIFY Function).
Below is a brief summary of the Framework's Functions. For a detailed view of each Function and its application in planning your organization's risk assessment, follow the corresponding GitHub repository link for that Function.
| FUNCTION | ID | BRIEF EXPLANATION | CATEGORIES | CSF (V1.1) REFERENCE | CATEGORY WITHDRAWN | NEW CATEGORY |
|---|---|---|---|---|---|---|
| GOVERN | GV | The Organization's Cybersecurity Risk Management Strategy, Expectations, and Policy Are Established, Communicated, and Monitored. The "GOVERN" Function is a new addition to the Cybersecurity Framework (CSF) 2.0, designed to emphasize the importance of governance, risk management, and leadership in cybersecurity. It sets out the actions an organization should take to achieve and prioritize the outcomes of the other five Functions (Identify, Protect, Detect, Respond, Recover) in light of its mission and stakeholder expectations. Governance activities are essential for incorporating cybersecurity into an organization's larger Enterprise Risk Management (ERM) strategy. In addition, it addresses understanding of the organizational context; the establishment of cybersecurity strategy and cybersecurity supply chain risk management; roles, responsibilities, and authorities; policy; and the oversight of cybersecurity strategy. • GitHub Repository: GOVERN FUNCTION. | • Organizational Context (GV.OC) • Risk Management Strategy (GV.RM) • Roles, Responsibilities, and Authorities (GV.RR) • Policy (GV.PO) • Oversight (GV.OV) • Cybersecurity Supply Chain Risk Management (GV.SC) | • NIL | • NIL | • NIL |
| IDENTIFY | ID | The Organization's Current Cybersecurity Risks Are Understood. The "IDENTIFY" Function in NIST CSF 2.0 plays a vital role in ensuring that the organization's present cybersecurity risks are properly understood. This covers the organization's assets (personnel, systems, hardware, data, software, facilities), its vendors, and the related cybersecurity risks. It further enables the organization to prioritize its risk management strategy consistently with its mission, as identified under the GOVERN Function of CSF 2.0. In addition, the Function includes identifying opportunities to improve the organization's policies, plans, processes, procedures, and practices that support cybersecurity risk management, informing efforts under all six Functions (Govern, Identify, Detect, Protect, Respond, Recover). • GitHub Repository: IDENTIFY FUNCTION. | • Asset Management (ID.AM) • Risk Assessment (ID.RA) • Improvement (ID.IM) | • Website: Identify Function • GitHub: Repository | • ID.BE Business Environment • ID.GV Governance • ID.RM Risk Management Strategy | • ID.IM Improvement |
| PROTECT | PR | Safeguarding and Managing the Organization's Cybersecurity Risks. After identifying and prioritizing the organization's risks and assets, the "PROTECT" Function of NIST CSF 2.0 assists in securing those assets, to limit or eliminate the likelihood and impact of cybersecurity incidents and to prevent the compromise that would arise from them. The outcomes covered by this Function include Identity Management, Authentication, and Access Control; Awareness and Training; Data Security; Platform Security (securing the hardware components, software components, and services of both physical and virtual platforms); and the resilience of technology infrastructure. • GitHub Repository: PROTECT FUNCTION. | • Identity Management, Authentication, and Access Control (PR.AA) • Awareness and Training (PR.AT) • Data Security (PR.DS) • Platform Security (PR.PS) • Technology Infrastructure Resilience (PR.IR) | • Website: Protect Function • GitHub: Repository | • PR.AC Access Control • PR.IP Information Protection Processes and Procedures • PR.MA Maintenance • PR.PT Protective Technology | • PR.AA Identity Management, Authentication, and Access Control • PR.PS Platform Security • PR.IR Technology Infrastructure Resilience |
| DETECT | DE | Uncovering and Analysing Possible Cybersecurity Attacks and Compromises. The "DETECT" Function of CSF 2.0 ensures the timely discovery and analysis of anomalies, indicators of compromise (IoCs), and other potentially harmful events that may indicate an ongoing cyber attack or incident. The Function also supports the successful execution of incident response and recovery activities. • GitHub Repository: DETECT FUNCTION. | • Continuous Monitoring (DE.CM) • Adverse Event Analysis (DE.AE) | • Website: Detect Function • GitHub: Repository | • DE.DP Detection Process | • NIL |
| RESPOND | RS | Actions and Procedures Are Implemented Regarding the Detected Cybersecurity Incident. The "RESPOND" Function of NIST CSF 2.0 contributes to containing the effects of a cybersecurity incident. The outcomes within the RESPOND Function comprise managing the incident (Incident Management), analysing its impact (Incident Analysis), mitigation, and reporting and communication. • GitHub Repository: RESPOND FUNCTION. | • Incident Management (RS.MA) • Incident Analysis (RS.AN) • Incident Response Reporting and Communication (RS.CO) • Incident Mitigation (RS.MI) | • Website: Respond Function • GitHub: Repository | • RS.RP Response Planning • RS.IM Improvements | • RS.MA Incident Management |
| RECOVER | RC | Restoring the Assets and Operational Services Impacted by the Cybersecurity Incident. The aim of the "RECOVER" Function of NIST CSF 2.0 is to restore, in a timely manner, the operational services impacted by the incident, so that the effects of the cybersecurity incident are reduced, and to carry out appropriate communications during the recovery phase. • GitHub Repository: RECOVER FUNCTION. | • Incident Recovery Plan Execution (RC.RP) • Incident Recovery Communication (RC.CO) | • Website: Recovery Function • GitHub: Repository | • RC.IM Improvements | • NIL |