NIST CSF (Cybersecurity Framework)

Definition

The NIST Cybersecurity Framework is a voluntary framework from the US National Institute of Standards and Technology that helps organizations manage cybersecurity risks.

NIST CSF is built around five functions: Identify, Protect, Detect, Respond, and Recover. The NIST CSF 2.0 (2024) added a sixth function: Govern.

Although voluntary, many regulations reference it, including NIS2.

Related terms

NIS2 ISO 27001 CIS Controls
← Back to glossary