Identify
NIST Cybersecurity Framework
Identify
Develop an organized cybersecurity STRATEGY
Understand RISKS to assets
Integrate security BUSINESS function
PRIORITIZE efforts for business need
Create risk management ST
Subscription Benefits
Identifying physical and software assets within the organization to establish the basis of an Asset Management program
Identifying the Business Environment the organization supports including the organization's role in the supply chain, and the organizations place in the critical infrastructure sector
Identifying cybersecurity policies established within the organization to define the Governance program as well as identifying legal and regulatory requirements regarding the cybersecurity capabilities of the organization
Identifying asset vulnerabilities, threats to internal and external organizational resources, and risk response activities as a basis for the organizations Risk Assessment
Identifying a Risk Management Strategy for the organization including establishing risk tolerances
Identifying a Supply Chain Risk Management strategy including priorities, constraints, risk tolerances, and assumptions used to support risk decisions associated with managing supply chain risks
References:
NIST - National Institute of Standards and Technology. The Five Functions. By NIST. Available at: https://www.nist.gov/cyberframework/online-learning/five-functions. Accessed: 11/1/2021.