NIST Cybersecurity Framework View¶
NIST CSF is a framework for organizing cybersecurity outcomes.
In the Cybersecurity Ontology, NIST CSF primarily maps to Leadership, Safeguards, and Assurance.
Prototype mapping¶
| NIST CSF area | Ontology mapping |
|---|---|
| Govern | Leadership |
| Identify | Assets, Leadership |
| Protect | Safeguards |
| Detect | Safeguards, Assurance |
| Respond | Safeguards, Leadership |
| Recover | Safeguards, Assurance, Leadership |
Interpretation¶
NIST CSF is useful as an outcome view. The ontology adds object-level relationships that show what is protected, what risk is reduced, and what evidence supports the outcome.