The National Institute of Standards and Technology has released its voluntary industry standards and best practices to prevent cyber attacks. The publication – “Framework for Improving Critical Infrastructure Cybersecurity” consists of three divisions: core, tiers, and profiles.
The core provides a set of activities that a company can perform to insure cyber security. The tiers provides context on how companies view cyber security risk and the processes in place to manage risk. Profiles align functions, tiers, risk tolerance, and resources of a company.
The Framework was created through collaboration between the government and the private sector. The Framework can be used to complement an organization’s risk management and cyber security program.
To obtain a copy of the publication, click here.