Understand the Cybersecurity Framework

August 10, 2016 | Views: 6363

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Understand the Cybersecurity Framework

Framework Overview

The Cybersecurity Framework (CSF) is a risk-based approach to addressing information security risk.  The framework is composed of the following components:

Framework Core

The Framework Core involves actions that meet the requirements and guidelines to address cybersecurity concerns.  The core consists of the following elements:


Functions represent basic information security and assist the organization in managing cybersecurity risk through organization, risk management, making decisions, responding to threats and learning from the past.

·       Identify – The process of identifying critical business resources and related information security risks to ensure prioritization matches the business needs and risk management strategy.  Categories include:

o   Asset Management

o   Governance

o   Risk Assessment

·       Protect – The process of minimizing the impact of a potential breach of event.  Categories  include:

o   Access Control

o   Awareness and Training

o   Maintenance

·       Detect – The ability to quickly detect information security events.  Categories include:

o   Continuous monitoring

o   Anomalies

·       Respond – The ability to effectively react and contain information security events.  Categories include:

o   Response Planning

o   Communications

o   Analysis

·       Recover – The process of quickly returning to a normal operating environment in the event of cyber security incident.  Categories include:

o   Recovery Planning

o   Communications


Categories are divisions within the core functions which align with the higher goals to address the identified needs.


Subcategories are a further subdivision of categories into more precise technical or management initiatives.

Informative References

Informative References are related standards, guidelines and practices that support the goals of subcategories.

eric open post screenshot 1

Framework Implementation Tiers

The Framework Implementation Tiers illustrates how an organization sees cybersecurity risk and what processes are in place to manage these threats. The Tier’s range from Tier 1 to Tier 4 with an increased level of sophistication. An organizations threat environment, legal and regulatory responsibilities, objectives of the business, risk management program and organizational limitations are all considered when selecting the appropriate Tier. The organization’s selected Tier should align with the business, meet the organization’s risk tolerance and can be implemented with a reasonable amount of effort.  Success of the proper Tier selection is based upon how it meets the requirements outlined in the Framework Profile.

Tier 1: Partial

At this Tier organizations are characterized with ad-hoc risk management practices. The organization has limited cybersecurity awareness with no global management approach. Collaboration of information with external entities is unlikely.

Tier 2: Risk Informed

Management has approved the risk management practices, but a global policy may not have been implemented. Information security awareness exists, but has not been disseminated across the organization. The organization has realized its part within the larger environment, but there is no formal external interaction established.

Tier 3: Repeatable

A risk management program has been formally accepted with the creation of supporting policies that are updated regularly to address updates to the threat landscape. Due to the organizational understanding of its dependency and contribution with external partners, risk-based decisions are improved.

Tier 4: Adaptive

Based on feedback and lessons learned, the organization’s risk management process is adapted.  Information security events are addressed based on risk-based policies, procedures and processes.  Accurate threat information is actively shared with external partners to improve posture prior to potential cybersecurity events.


Framework Profile

The Framework Profile aligns business requirements, appetite of risk and available resources with Functions, Categories, and Subcategories. This Profile allows the organization to develop a strategy, which aligns with organizational goals to reduce informational security risks. The Current Profile illustrates the existing cybersecurity level achieved. The Target Profile represents the needed outcomes to achieve the desired cybersecurity stance. Overall, the business needs and measured risk drive the prioritization of mediating gaps.


Framework Implementation

There are roughly three layers of information flow and decision making within an organization:

  • Executive
  • Business/Process
  • Implementation/Operation

At the executive level, risk tolerance, business mission and available resources are communicated. The creation of a Profile occurs at the business/process level with guidance from information obtained from executives and collaboration with the implementation/operations group. Progress of the implementation of the Profile is communicated back to the business/process group, where an impact assessment is conducted. The results of the impact assessment are reported back to the executive level to update the organization’s risk management status.

eric open post screenshot 2

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Chrystal clear and focussed.

  2. awesome source !

Page 2 of 2«12
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?