Rofori Private Social Networking


A widely adopted guide allowing flexibility in establishing a cybersecurity program or connecting existing security operations to your cybersecurity risk management strategy.

Defcon Cyber for CyberSecurity

Cybersecurity Risk Management Guide

The National Institute of Standards and Technology (NIST) published a risk-based Cybersecurity Framework—a set of existing standards, guidelines and practices to help organizations manage cyber risks. The framework provides a common language to address and manage cyber risk in a cost-effective way based on business needs, without placing additional regulatory requirements on businesses.

The NIST Cybersecurity Framework allows organizations—regardless of size, degree of cyber risk or cybersecurity sophistication—to apply the principles and best practices of risk management to improve the security and resilience of critical infrastructure. Organizations can use the framework to determine their current level of cybersecurity, set goals for cybersecurity that are in sync with their business environment, and establish a plan for improving or maintaining their cybersecurity.

The three main elements described in the NIST Cybersecurity Framework are the framework core, tiers and profiles. The core presents five functions—identify, protect, detect, respond and recover—that taken together allow any organization to understand and shape its cybersecurity program. The tiers describe the degree to which an organization's cybersecurity risk management meets goals set out in the framework and "range from informal, reactive responses to agile and risk-informed." The profiles help organizations progress from a current level of cybersecurity posture to a target improved state that meets business needs.

Framework implementation is coordinated based on the flow of information and decisions at the various levels of an organization as depicted in the following graphic.

Defcon Cyber Risk Management

Click here for Quick Links to the complete NIST Cybersecurity Framework document (PDF)

Defcon Cyber


Rofori Corporation
7960 Donegan Dr, Suite 225
Manassas, VA 20109
(571) 379-7322


follow us on facebookfollow us on twitter