Read the book Cybersecurity Risk Management - Cynthia Brumfield - Page 14

THE FRAMEWORK CORE

The Framework Core is a set of activities aimed at organizing cybersecurity initiatives to achieve specific outcomes. The Core has five functions: Identify, Protect, Detect, Respond, and Recover (Figure 0.1).


Figure 0.1 NIST CORE FRAMEWORK.

Within each of these functions are categories of activities. Within each category of activities are subcategories, and for each subcategory, there are informative references, usually standards, for helping to support the activities (Figure 0.2).


Figure 0.2 NIST CATEGORIES, SUBCATEGORIES, AND INFORMATIVE REFERENCES.

For example, one category under the function Identify is Asset Management (Figure 0.3). A subcategory of Asset Management is “Physical devices and systems within the organization are inventoried.” For that subcategory, the Framework offers informative references that guide the inventory of physical devices, mostly standards established by various technical standards-setting bodies. The complete listing of the Functions, Categories, Subcategories, and Informative References is in Appendix A of the final Framework Document on the NIST website.6


Figure 0.3 NIST FUNCTIONS AND CATEGORIES.

Although some organizations find the Framework Core, Categories, and Subcategories daunting, NIST intends them to be resources from which certain elements can be selected, examined, or used depending on the organization’s unique configuration. NIST does not intend them to serve as a checklist of required activities. Nor are the Functions “intended to form a serial path, or lead to a static desired end state.”
