IT KORR Knowledge Center
NIST CSF 2.0 Quick Reference
A one-page-style reference to the six NIST Cybersecurity Framework 2.0 functions and representative activities for each.
Govern
- Establish and communicate an organizational cybersecurity strategy, roles, and risk tolerance.
- Define policies for cybersecurity risk management, including third-party and supply chain risk.
- Assign clear accountability for cybersecurity outcomes at the leadership level.
Identify
- Maintain an inventory of assets, data, and systems, including their business context and criticality.
- Identify and document cybersecurity risks to assets, operations, and individuals.
- Understand vulnerabilities and how they map to the organization's risk exposure.
Protect
- Implement identity management, authentication, and access control safeguards.
- Protect data at rest and in transit through encryption and handling standards.
- Provide security awareness training and maintain protective technology (endpoint, network controls).
Detect
- Implement continuous monitoring to identify anomalous activity in a timely manner.
- Maintain detection processes that are tested and improved over time.
- Ensure logging is sufficient to reconstruct events during an investigation.
Respond
- Maintain a tested incident response plan with defined roles and communication paths.
- Analyze incidents to understand scope and root cause.
- Contain and mitigate incidents to limit impact.
Recover
- Maintain and test a recovery plan to restore capabilities and services affected by an incident.
- Communicate recovery status to internal and external stakeholders as appropriate.
- Incorporate lessons learned from incidents back into planning and protective controls.
Related Resources
- NIST Cybersecurity Framework Overview — /knowledge-center/compliance/compliance-governance/nist-cybersecurity-framework-overview
- CIS Controls Overview — /knowledge-center/compliance/compliance-governance/cis-controls-overview