[フレーム]
You are viewing this page in an unauthorized frame window.

This is a potential security issue, you are being redirected to https://csrc.nist.gov.

You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Publications

NIST CSWP 6

Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1

Documentation Topics

Date Published: April 16, 2018

Planning Note (02/26/2024):

NIST has released The NIST Cybersecurity Framework (CSF) 2.0. See the CSF homepage, this blog post, and NIST news article for more details.


Author(s)

National Institute of Standards and Technology

Abstract

This publication describes a voluntary risk management framework ("the Framework") that consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security.

This release, Version 1.1, includes a number of updates from the original Version 1.0 (from February 2014), including: a new section on self-assessment; expanded explanation of using the Framework for cyber supply chain risk management purposes; refinements to better account for authentication, authorization, and identity proofing; explanation of the relationship between implementation tiers and profiles; and consideration of coordinated vulnerability disclosure. Complete information about the Framework is available at https://www.nist.gov/cyberframework.

This publication describes a voluntary risk management framework ("the Framework") that consists of standards, guidelines, and best practices to manage cybersecurity-related risk.  The Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of... See full abstract

This publication describes a voluntary risk management framework ("the Framework") that consists of standards, guidelines, and best practices to manage cybersecurity-related risk. The Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security.

This release, Version 1.1, includes a number of updates from the original Version 1.0 (from February 2014), including: a new section on self-assessment; expanded explanation of using the Framework for cyber supply chain risk management purposes; refinements to better account for authentication, authorization, and identity proofing; explanation of the relationship between implementation tiers and profiles; and consideration of coordinated vulnerability disclosure. Complete information about the Framework is available at https://www.nist.gov/cyberframework.


Hide full abstract

Keywords

critical infrastructure; cybersecurity; Cybersecurity Enhancement Act of 2014; framework; risk management; security
Control Families

None selected

AltStyle によって変換されたページ (->オリジナル) /