Cybersecurity frameworks are sets of best practices and procedures designed to assist organizations in developing and delivering cybersecurity protection for their systems, data, staff, clients, and customers. Various public and private organizations have developed cybersecurity frameworks. One with broad uptake is the NIST Cybersecurity Framework from the National Institute of Standards and Technology.
The NIST Cybersecurity Framework combines cybersecurity best practices and industry standards into a cohesive and understandable form. It uses common language so that people at all levels within an organization can understand cyber threats and how they can help counter them. In addition to assisting organizations in understanding cyber risks, the framework also addresses how to reduce and counter cyberattacks.
Working with cybersecurity experts in the private sector and government, NIST compiled and finalized the initial version of the framework in 2014. There have been updates since that release.