NIST Cybersecurity Framework Protect Function

NIST describes the NIST Cybersecurity Framework (NIST CSF) Protect function as follows:

• Protect

The Protect Function outlines appropriate safeguards to ensure delivery of critical infrastructure services. The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event.

Examples of outcome Categories within this Function include:

• Protections for Identity Management and Access Control within the organization including physical and remote access

• Empowering staff within the organization through Awareness and Training including role based and privileged user training

• Establishing Data Security protection consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information

• Implementing Information Protection Processes and Procedures to maintain and manage the protections of information systems and assets

• Protecting organizational resources through Maintenance, including remote maintenance, activities

• Managing Protective Technology to ensure the security and resilience of systems and assets are consistent with organizational policies, procedures, and agreements

References:

NIST - National Institute of Standards and Technology. The Five Functions. By NIST. Available at: https://www.nist.gov/cyberframework/online-learning/five-functions. Accessed: 11/1/2021.