NIST Cybersecurity Framework Protect Function

NIST describes the NIST Cybersecurity Framework (NIST CSF) Protect function as follows:

  • Protect

The Protect Function outlines appropriate safeguards to ensure delivery of critical infrastructure services. The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event.

Examples of outcome Categories within this Function include:

  • Protections for Identity Management and Access Control within the organization including physical and remote access

  • Empowering staff within the organization through Awareness and Training including role based and privileged user training

  • Establishing Data Security protection consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information

  • Implementing Information Protection Processes and Procedures to maintain and manage the protections of information systems and assets

  • Protecting organizational resources through Maintenance, including remote maintenance, activities

  • Managing Protective Technology to ensure the security and resilience of systems and assets are consistent with organizational policies, procedures, and agreements


NIST - National Institute of Standards and Technology. The Five Functions. By NIST. Available at: Accessed: 11/1/2021.