The NIST Cybersecurity Framework | Practical Law
A Practice Note discussing the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), including its development, structure and purpose, interactions with federal and state laws and regulations, and recommendations for implementing the CSF approach. This Note also explains NIST's risk-based approach to developing, maintaining, and assessing information security programs and provides guidance and resources to use in applying the CSF.