User:Tunjesh/NIST Cybersecurity Framework
 | This is the sandbox page where you will draft your initial Wikipedia contribution.
If you're starting a new article, you can develop it here until it's ready to go live. If you're working on improvements to an existing article, copy only one section at a time of the article to this sandbox to work on, and be sure to use an edit summary linking to the article you copied from. Do not copy over the entire article. You can find additional instructions here. Remember to save your work regularly using the "Publish page" button. (It just means 'save'; it will still be in the sandbox.) You can add bold formatting to your additions to differentiate them from existing content. |
Article Draft
[edit]Lead
[edit]NIST Cybersecurity Framework is a guidance on how both internal and external stakeholders of organizations can manage and reduce cybersecurity risk. It lists organization specific and customizable activities associated with managing cybersecurity risk and it is based on existing standards, guidelines, and practices . The framework has been translated to many languages and is used by the governments of Japan and Israel, among others. It "provides a high level taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes." It is being used by a wide range of businesses and organizations and helps shift organizations to be proactive about risk management.
A security framework adoption study reported that 70% of the surveyed organizations see NIST's framework as a popular best practice for computer security, but many note that it requires significant investment. It also includes guidance on relevant protections for privacy and civil liberties.
Article body
[edit]The NIST Cybersecurity Framework is designed for individual businesses and other organizations to assess risks they face.
Version 1.0 was published by the US National Institute of Standards and Technology in 2014, originally aimed at operators of critical infrastructure. In 2017, a draft version of the framework, version 1.1, was circulated for public comment. Version 1.1 was announced and made publicly available on April 16, 2018. Version 1.1 is still compatible with version 1.0.