In February 2013, the President of the United States issued Executive Order (EO) 13636, “Improving Critical Infrastructure Cybersecurity,” to address the growing threat to U.S. critical infrastructure. The purpose of the EO was to “enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.”
The order provided a mandate to establish a voluntary common framework for cybersecurity defense. In response to this mandate, the National Institute of Standards and Technology (NIST) was tasked with development of the Framework for Improving Critical Infrastructure Cybersecurity, more commonly known as the Cybersecurity Framework. Although it was designed specifically for companies that are part of the U.S. critical infrastructure, many other organizations in the private and public sectors, including federal agencies, are using the framework as a helpful tool in managing cybersecurity risks.
Our program introduces risk frameworks and provides you with comprehensive coverage of each of the three NIST Cybersecurity Framework components: the framework core, the framework implementation tiers and the framework profiles.