The NIST Cybersecurity Framework | Practical Law

The NIST Cybersecurity Framework | Practical Law

A Practice Note discussing the National Institute of Standards and Technology (NIST) Cybersecurity Framework, including its development, structure and purpose, recommendations for implementing the Framework approach, and the potential risks of not applying its principles. This Note also explains NIST's risk-based approach to developing, maintaining, and assessing information security programs and provides resources to use in applying the Framework.

The NIST Cybersecurity Framework

Practical Law Practice Note 5-599-6825 (Approx. 27 pages)

The NIST Cybersecurity Framework

by Mark Francis, Holland & Knight LLP (with special thanks to former colleague Richard Raysman) and John Rogers, MSCI Inc., with Practical Law Data Privacy & Cybersecurity
MaintainedUSA (National/Federal)
A Practice Note discussing the National Institute of Standards and Technology (NIST) Cybersecurity Framework, including its development, structure and purpose, recommendations for implementing the Framework approach, and the potential risks of not applying its principles. This Note also explains NIST's risk-based approach to developing, maintaining, and assessing information security programs and provides resources to use in applying the Framework.