NIST Framework for Improving Critical Infrastructure Cybersecurity

This document, published by the National Institute of Standards and Technology, focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of an organization’s risk management processes. The framework consists of three parts: the framework core, the implementation tiers, and the framework profiles. The framework core is a set of cybersecurity activities, outcomes and informative references that are common across sectors and critical infrastructure.