Information Technology and Infomation Security Consultants
Call PCSS @: 720-990-7556
Contact PCSS today to learn more about our CSF services 720-990-7556.
Cyber Security Framework (CSF)
The Cyber Security Framework (CSF) was released by the United States Government in 2014 as a voluntary guide for organizations in the critical infrastructure community to enhance cyber security. In summary the CSF is a mini version of the controls required by NIST 800-53, but it can be an effective framework for implementing security controls in a variety of industries. This scaled back version of controls was required because many of the systems making up the United States critical infrastructure could not meet a more robust set of controls. CSF is most often applied to process control systems which control water systems, effluent treatment facilities, and industrial processes. The CSF provides a great framework to implement an IT Security program where security is needed, but it is not practical, or necessary, to apply a more rigorous set of controls required by many of the other standards. The standard can also be enhanced by adding additional security controls such as PII which is absent from the CSF.
The CSF standard has 5 functions; Identify, Protect, Detect, Respond, and Recover. There are 22 categories and 96 total controls. The categories are summarized here.
Let PCSS help you address these and reach compliance.