{"id":3595,"date":"2024-03-12T11:51:54","date_gmt":"2024-03-12T17:51:54","guid":{"rendered":"https:\/\/trustarc.com\/?post_type=regulations&#038;p=3595"},"modified":"2024-03-21T12:36:41","modified_gmt":"2024-03-21T18:36:41","slug":"nist-cybersecurity","status":"publish","type":"regulations","link":"https:\/\/trustarc.com\/regulations\/nist-cybersecurity\/","title":{"rendered":"The National Institute of Standards and Technology (NIST) Cybersecurity Framework"},"content":{"rendered":"\t\t<section id=\"block_75849cb290f8776180199ef7e7f7205e\" class=\"hero-section-colors text-center bg-navy-gradient\">\n\t\t\t<div class=\"container\">\n\t\t\t\t\t\t\t\t\t<span class=\"sub-title block font-bold \">Standard<\/span>\n\t\t\t\t\t\t\t\t\t\t<h1>The National Institute of Standards and Technology (NIST) Cybersecurity Framework<\/h1>\n\t\t\t\t\t<p>The NIST Cybersecurity Framework 2.0 is a voluntary tool that provides organizations with industry best practices to improve organizational cybersecurity posture and resilience, and to enable organizations to consider cybersecurity risks as part of the organization&#8217;s risk management process. <\/p>\n\t\t\t<\/div>\n\t\t<\/section>\n\t\t\n\n\t\t<section id=\"block_de42282d0c8da959edeaf0d82e377860\" class=\"columns-one text-left\" style=\"\">\n\t\t\t<div class=\"container\">\n\t\t\t\t\t\t\t\t\t<div class=\"text-holder\">\n\t\t\t\t\t\t<h2 style=\"text-align: center\">Are you subject to the NIST Cybersecurity Framework?<\/h2>\n<p>The application of the NIST Cybersecurity Framework (CSF) is voluntary. Any organization &#8211; of varying sizes, level of cybersecurity risk or expertise, and industries &#8211; may apply the recommendations provided by the framework.<\/p>\n<p>The CSF is particularly beneficial for individuals responsible for overseeing organizational cybersecurity programs and risk management activities and policies, including:<\/p>\n<ul>\n<li>Board of directors;<\/li>\n<li>Risk managers;<\/li>\n<li>Lawyers;<\/li>\n<li>Cybersecurity and risk management auditors; and<\/li>\n<li>Cybersecurity policy-makers and regulators.<\/li>\n<\/ul>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\n\n\t<section id=\"block_c9f87247dc81da6cf93ab2bfb7aa7271\" class=\"columns-two\" style=\"padding-bottom:0;\">\n\t\t<div class=\"container\">\n\t\t\t\t\t\t\t<div class=\"heading text-center max-width\">\n\t\t\t\t\t\t\t\t\t\t\t<h2>Key requirements of the NIST CSF<\/h2>\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<div class=\"col-wrap\">\n\t\t\t\t\t\t\t\t\t\t<div class=\"col\">\n\t\t\t\t\t\t\t<h4>CSF Organizational Profiles<\/h4>\n<p>The CSF Profile is a procedure to describe and assess an organization\u2019s current and\/or target cybersecurity posture based on its Core cybersecurity outcomes. Organizational Profile helps facilitate continuous improvement of organization\u2019s cybersecurity that may be grounded in Current Profiles and\/or Target Profiles, and steps can be taken to achieve this, including:<\/p>\n<ul>\n<li>Scoping the Organizational Profile;<\/li>\n<li>Gathering information (e.g. risk management policies) needed to prepare the Organizational Profile;<\/li>\n<li>Creating the Organizational Profile;<\/li>\n<li>Analyzing gaps between Current and Target Profiles;<br \/>\nCreating and implementing an action plan; and<\/li>\n<li>Updating the Organizational Profile.<\/li>\n<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"col\">\n\t\t\t\t\t\t\t<h4>CSF Tiers<\/h4>\n<p>Tiers describe an organization\u2019s benchmark for achieving a certain level of security governance and risk management robustness. There are four Tiers that organizations may strive to achieve, including:<\/p>\n<ul>\n<li>Tier 1 (partial);<\/li>\n<li>Tier 2 (risk-informed);<\/li>\n<li>Tier 3 (repeatable); and<\/li>\n<li>Tier 4 (adaptive).<\/li>\n<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t<\/section>\n\t\n\n\t<section id=\"block_e46f2b4891f37934c627c753dbfdfefc\" class=\"columns-two\" style=\"padding-top:0;\">\n\t\t<div class=\"container\">\n\t\t\t\t\t\t<div class=\"col-wrap\">\n\t\t\t\t\t\t\t\t\t\t<div class=\"col\">\n\t\t\t\t\t\t\t<h4>CSF Core<\/h4>\n<p>The CSF Core establishes a set of predefined and broad cybersecurity outcomes to help organizations identify and breakdown desired cybersecurity goals intended to be achieved. Cybersecurity outcomes can be arranged by \u201cFunctions\u201d &#8211; which includes: Govern, Identify, Protect, Detect, Respond, and Recover &#8211; and are further broken down into specific \u201cCategories\u201d of outcomes and \u201cSubcategories\u201d.<\/p>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t<\/section>\n\t\n\n\t\t<section id=\"block_c70fec30b23f54a69f47c6cae7d282b6\" class=\"cta-section has-gradient-purple color-white\">\n\t\t\t<div class=\"bg\">\n\t\t\t\t<img decoding=\"async\" src=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/02\/bg-cta-rectangles-purple.png\" class=\"attachment-full size-full\" alt=\"\" srcset=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/02\/bg-cta-rectangles-purple.png 1440w, https:\/\/trustarc.com\/wp-content\/uploads\/2024\/02\/bg-cta-rectangles-purple-300x102.png 300w, https:\/\/trustarc.com\/wp-content\/uploads\/2024\/02\/bg-cta-rectangles-purple-1024x347.png 1024w, https:\/\/trustarc.com\/wp-content\/uploads\/2024\/02\/bg-cta-rectangles-purple-768x260.png 768w\" sizes=\"(max-width: 1440px) 100vw, 1440px\" \/>\t\t\t<\/div>\n\t\t\t<div class=\"container\">\n\t\t\t\t<div class=\"text-block\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"block h6\">Webinar<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t<h2 class=\"h1\">Mitigating Third-Party Risk: Best Practices for CISOs<\/h2>\n\t\t\t\t\t\t<p>Join us for an insightful and informative webinar as we delve into mitigating third-party risks. This webinar will provide essential strategies and best practices to ensure robust security and privacy measures when collaborating with external entities.<\/p>\n\t\t\t\t\t\t<ul class=\"btn-list\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t<a href=\"\/resource\/webinar-mitigating-third-party-risk-best-practices-for-cisos\/\" class=\"btn\"><span>Watch now<\/span><\/a>\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/section>\n\t\t\n\n\t\t<section id=\"block_01ce332f55837ca3ca4275b16a0d2826\" class=\"features-section\">\n\t\t\t<div class=\"container\">\n\t\t\t\t\t\t\t\t\t<div class=\"max-width text-center\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<h2>Achieve compliance<\/h2>\n\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t<div class=\"feature-w-images\">\n\t\t\t\t\t\t<ul class=\"list-w-links\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"\/products\/privacy-data-governance\/privacycentral\/\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"text-holder\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"h6 block\">Privacy program development and compliance management<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\tAutomatically identify gaps and track compliance with PrivacyCentral for NIST, ISO, and other privacy and security standards.\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"arrow\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/trustarc.com\/wp-content\/themes\/trustarc\/assets\/dist\/images\/icon-arrow.svg\" alt=\"\" \/>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"\/products\/privacy-data-governance\/nymity-research\/\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"text-holder\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"h6 block\">Guidance and operational templates<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\tStay ahead of framework changes with expert guidance, ensuring your security and privacy practices remain compliant and up to date. Operationalize quickly with expert written operational templates for sample policies, checklists, and more.\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"arrow\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/trustarc.com\/wp-content\/themes\/trustarc\/assets\/dist\/images\/icon-arrow.svg\" alt=\"\" \/>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<div class=\"img-area\">\n\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/03\/img-regulations-generic.png\" class=\"attachment-full size-full\" alt=\"\" srcset=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/03\/img-regulations-generic.png 644w, https:\/\/trustarc.com\/wp-content\/uploads\/2024\/03\/img-regulations-generic-300x220.png 300w\" sizes=\"(max-width: 644px) 100vw, 644px\" \/>\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\n\n\t\t<section id=\"block_d5fad46cd218e85c6f30e0cb91f8ecfd\" class=\"accordions-section\" style=\"\">\n\t\t\t<div class=\"container\">\n\t\t\t\t<div class=\"max-width\">\n\t\t\t\t\t\t\t\t\t\t  <h2>FAQs<\/h2>\n\t\t\t\t\t\t\t\t\t\t\t<ul class=\"accordion\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t<a href=\"#\" class=\"opener\">Are organizations expected to use and apply the CSF?<\/a>\n\t\t\t\t\t\t\t\t\t<div class=\"slide\">\n\t\t\t\t\t\t\t\t\t\t<div class=\"slide-wrap\">\n\t\t\t\t\t\t\t\t\t\t\t<p>The application of the CSF is voluntary and is used by many organizations. In 2017, U.S. federal agencies are mandated to adopt the CSF within federal information systems, in accordance with the Executive Order 13800 &#8211; Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.<\/p>\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t<a href=\"#\" class=\"opener\">Will my organization receive a certificate for demonstrating compliance with the CSF?<\/a>\n\t\t\t\t\t\t\t\t\t<div class=\"slide\">\n\t\t\t\t\t\t\t\t\t\t<div class=\"slide-wrap\">\n\t\t\t\t\t\t\t\t\t\t\t<p>NIST is not a regulatory agency, and does not issue certificates, endorsements, and\/or an assessment program for the implementation of CSF best practices. <\/p>\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t<a href=\"#\" class=\"opener\">How should the CSF be applied?<\/a>\n\t\t\t\t\t\t\t\t\t<div class=\"slide\">\n\t\t\t\t\t\t\t\t\t\t<div class=\"slide-wrap\">\n\t\t\t\t\t\t\t\t\t\t\t<p>To reap the full benefits of the CSF, organizations are encouraged to implement the guide throughout its risk management program and\/or entire system infrastructure, rather than strictly in its IT department and servers.<\/p>\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t\t\t\t\t<a href=\"#\" class=\"opener\">How can I measure the effectiveness of the CSF in my business operations?<\/a>\n\t\t\t\t\t\t\t\t\t<div class=\"slide\">\n\t\t\t\t\t\t\t\t\t\t<div class=\"slide-wrap\">\n\t\t\t\t\t\t\t\t\t\t\t<p>NIST does not provide a standardized method or tool for measuring effectiveness; alternatively, it is up to the organization to determine the level of success. Organizations should consider:<\/p>\n<ul>\n<li>The intended outcomes for applying the CSF (e.g. enhancing cybersecurity management with vendors); and<\/li>\n<li>The scope of measuring the effectiveness (e.g. will the entire organization\u2019s IT infrastructure and network servers be evaluated, or only internal policies?).<\/li>\n<\/ul>\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/section>\n\t\t\n\n\t\t<section id=\"block_d625c10e2f78e7999f9e212eb12b1121\" class=\"resource-section bg-light-grey\">\n\t\t\t<div class=\"container\">\n\t\t\t<div class=\"resource-head\">\n\t\t\t\t\t\t\t<h2>Related resources<\/h2>\n\t\t\t\t<a href=\"\/resources\/\" class=\"cta block\">View all resources<\/a>\t\t<\/div>\n\t\t\t\t\t\t<ul class=\"resource-lists \">\n\t\t\t\t\t\t\t<li>\n\t\t\t\t\t<a href=\"https:\/\/trustarc.com\/resource\/data-protection-responsible-generative-ai-use\/\" class=\"resource-single\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"img-holder\">\n\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"380\" height=\"120\" src=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/02\/res-feat-rect-purple-380x120.png\" class=\"attachment-380x120 size-380x120 wp-post-image\" alt=\"\" \/>\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"text-holder\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"resource-label uppercase\">Articles<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<h4>Data Protection and Responsible Generative AI Use: A Comprehensive Guide<\/h4>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t<a href=\"https:\/\/trustarc.com\/resource\/the-business-case-for-data-minimization\/\" class=\"resource-single\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"img-holder\">\n\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"380\" height=\"120\" src=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/01\/res-feat-city-blue-test-380x120.png\" class=\"attachment-380x120 size-380x120 wp-post-image\" alt=\"\" \/>\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"text-holder\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"resource-label uppercase\">Articles<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<h4>The Business Case for Data Minimization<\/h4>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li>\n\t\t\t\t\t<a href=\"https:\/\/trustarc.com\/resource\/pii-data-personally-identifiable-information\/\" class=\"resource-single\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"img-holder\">\n\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"380\" height=\"120\" src=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/01\/res-feat-woven-purple-test-380x120.png\" class=\"attachment-380x120 size-380x120 wp-post-image\" alt=\"\" \/>\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"text-holder\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"resource-label uppercase\">Articles<\/span>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<h4>PII Data: Implications for your Business Goals<\/h4>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t<\/div>\t\t<\/section>\n\t\t\n\n\t\t<section id=\"block_c78d4ee41369b8da1a03417c3d620396\" class=\"columns-one text-center bg-light-grey\" style=\"padding-top:0;padding-bottom:0;overflow:hidden;\">\n\t\t\t<div class=\"container\">\n\t\t\t\t\t\t\t\t\t<div class=\"text-holder\">\n\t\t\t\t\t\t<p style=\"font-size:80%\"><strong>The information provided does not, and is not intended to, constitute legal advice.<\/strong> Instead, all information, content, and materials presented are for general informational purposes only.<\/p>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Framework on cybersecurity risk posture and resilience <\/p>\n","protected":false},"template":"","regulation":[97],"topic-regulation":[],"class_list":["post-3595","regulations","type-regulations","status-publish","hentry","regulation-international"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.4 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>The National Institute of Standards and Technology (NIST) Cybersecurity Framework | TrustArc<\/title>\n<meta name=\"description\" content=\"Learn about NIST&#039;s Cybersecurity Framework. Comply with framework requirements for a robust cybersecurity risk posture and resilient with TrustArc.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/trustarc.com\/regulations\/nist-cybersecurity\/\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/trustarc.com\\\/regulations\\\/nist-cybersecurity\\\/\",\"url\":\"https:\\\/\\\/trustarc.com\\\/regulations\\\/nist-cybersecurity\\\/\",\"name\":\"The National Institute of Standards and Technology (NIST) Cybersecurity Framework | TrustArc\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/trustarc.com\\\/#website\"},\"datePublished\":\"2024-03-12T17:51:54+00:00\",\"dateModified\":\"2024-03-21T18:36:41+00:00\",\"description\":\"Learn about NIST's Cybersecurity Framework. Comply with framework requirements for a robust cybersecurity risk posture and resilient with TrustArc.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/trustarc.com\\\/regulations\\\/nist-cybersecurity\\\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/trustarc.com\\\/#website\",\"url\":\"https:\\\/\\\/trustarc.com\\\/\",\"name\":\"TrustArc\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/trustarc.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The National Institute of Standards and Technology (NIST) Cybersecurity Framework | TrustArc","description":"Learn about NIST's Cybersecurity Framework. Comply with framework requirements for a robust cybersecurity risk posture and resilient with TrustArc.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/trustarc.com\/regulations\/nist-cybersecurity\/","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/trustarc.com\/regulations\/nist-cybersecurity\/","url":"https:\/\/trustarc.com\/regulations\/nist-cybersecurity\/","name":"The National Institute of Standards and Technology (NIST) Cybersecurity Framework | TrustArc","isPartOf":{"@id":"https:\/\/trustarc.com\/#website"},"datePublished":"2024-03-12T17:51:54+00:00","dateModified":"2024-03-21T18:36:41+00:00","description":"Learn about NIST's Cybersecurity Framework. Comply with framework requirements for a robust cybersecurity risk posture and resilient with TrustArc.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/trustarc.com\/regulations\/nist-cybersecurity\/"]}]},{"@type":"WebSite","@id":"https:\/\/trustarc.com\/#website","url":"https:\/\/trustarc.com\/","name":"TrustArc","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/trustarc.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/regulations\/3595","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/regulations"}],"about":[{"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/types\/regulations"}],"wp:attachment":[{"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/media?parent=3595"}],"wp:term":[{"taxonomy":"regulation","embeddable":true,"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/regulation?post=3595"},{"taxonomy":"topic-regulation","embeddable":true,"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/topic-regulation?post=3595"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}