Guide to NIST Cybersecurity Framework 2.0

July 3, 2024 by Lighthouse IT Solutions, Mark Nash

Staying ahead of cyber threats is a challenge for organizations of all sizes. The number of reported security incidents increased globally by 69.8% between February and March of 2024. A structured approach to cybersecurity is necessary to protect your organization from ever-evolving cyber threats. To help organizations improve their cybersecurity, the National Institute of Standards and Technology (NIST) created the Cybersecurity Framework (CSF), an industry-agnostic approach to managing and reducing cybersecurity risk. The framework was updated in 2024 to NIST CSF 2.0, which offers a more streamlined and flexible approach to cybersecurity. The following guide aims to simplify the framework and make it more accessible to businesses looking to apply it to their infrastructure.

Understanding the Core of NIST CSF 2.0

The updated CSF 2.0 is centered on the Core, which consists of five concurrent and continuous functions: Identify, Protect, Detect, Respond, and Recover. These functions provide a high-level, strategic view of cybersecurity risk management and enable a dynamic approach to addressing threats. The five Core Functions of NIST CSF 2.0 are:

Identify - identifying an organization's assets, cyber risks, and vulnerabilities. To implement safeguards for comprehensive cybersecurity, it is essential to know exactly what you need to protect.

Protect - implementing safeguards. These are the protections that deter, detect, and mitigate cybersecurity risks. Examples include measures such as firewalls, intrusion detection systems, and data encryption.

Detect - identifying and reporting suspicious activity. Early detection of cybersecurity incidents is critical for minimizing damage.

Respond - outlining the steps to take in the event of a cybersecurity incident. Responding to an incident means containing and eradicating the problem so that recovery can begin.

Recover - restoring normal operations after a cybersecurity incident. Important recovery activities include data restoration, system recovery, and business continuity planning.

Profiles and Tiers: Tailoring the Framework

Another key concept of the updated framework is Profiles and Tiers, which help organizations tailor their cybersecurity practices to their specific needs, risk tolerances, and resources.

Profiles:

Businesses should maintain two profiles for their CSF: one that represents their current cybersecurity posture and one that represents their target cybersecurity posture. Comparing these profiles identifies which cybersecurity targets the organization is already meeting and which have not yet been reached.

Tiers:

Tiers provide context on how an organization views cybersecurity risk and on the processes it has in place to manage that risk. More specifically, four tiers represent the strength of cybersecurity in any particular area: Tier 1 (Partial), Tier 2 (Risk-Informed), Tier 3 (Repeatable), and Tier 4 (Adaptive).

Benefits of Using NIST CSF 2.0

  • Improved Cybersecurity Posture: The guidance offered in NIST CSF 2.0 helps organizations develop more comprehensive and effective cybersecurity programs.
  • Reduced Risk of Cyberattacks: The framework helps organizations identify and mitigate cybersecurity risks to reduce the likelihood of cyberattacks.
  • Enhanced Compliance: NIST aligned CSF 2.0 with many industry standards and regulations to help organizations meet compliance requirements.
  • Improved Communication: The framework provides a common language for communicating about cybersecurity risks between different parts of an organization.
  • Cost Savings: NIST CSF 2.0 can help organizations save money by preventing cyberattacks and reducing the impact of incidents.

Getting Started with NIST CSF 2.0

If you are interested in getting started with NIST CSF 2.0, there are a few things you can do:

  • Familiarize yourself with the framework: Take some time to read through the NIST CSF 2.0 publication and familiarize yourself with the Core Functions and categories.
  • Assess your current cybersecurity posture: Conduct an assessment of your current cybersecurity posture to help you identify any gaps or weaknesses.
  • Develop a cybersecurity plan: Based on your assessment, develop a cybersecurity plan that outlines how you will implement the NIST CSF 2.0 framework in your organization.

By following these steps, you can begin to deploy NIST CSF 2.0 in your organization and improve your cybersecurity posture.