NIST CSF 2.0 Core Functions
This document summarizes the six Functions of the NIST Cybersecurity Framework (CSF) 2.0 (Govern, Identify, Protect, Detect, Respond, Recover) and their role in cybersecurity governance and operations. Govern was added in CSF 2.0 as a cross-cutting Function that informs how the other five are carried out.
Govern
Cross-cutting governance function (new in CSF 2.0)
- Establish and maintain cybersecurity policies
- Align cybersecurity objectives with organizational mission and strategy
- Define roles, responsibilities, and accountability
- Support strategic planning and decision-making
- Oversee cybersecurity risk management and risk ownership at the executive level
Outcome: Governance structures, oversight mechanisms, and cybersecurity leadership alignment.
Identify
- Understand cybersecurity risks to the organization
- Identify and classify assets, systems, and business processes
- Perform risk-based assessments aligned with risk appetite
- Improve policies, procedures, and prioritization mechanisms
- Identify and assess third-party and supplier cybersecurity risks (the supply chain risk management strategy itself sits under Govern, category GV.SC)
Outcome: Asset inventory and risk-informed security strategy.
Protect
- Implement safeguards to mitigate identified risks
- Enforce security policies through technical and organizational controls
- Protect organizational assets, systems, and data
- Apply preventive security controls, including:
  - Identity and Access Management (IAM / PAM)
  - Security awareness and training
  - Data protection mechanisms
  - System and application hardening
Outcome: Effective implementation of preventive security measures.
Detect
- Identify anomalous activity and potential cyber incidents
- Analyze detected events to confirm whether an incident has occurred and escalate it for response
- Establish detection and alerting capabilities
Outcome: Continuous monitoring and detection capabilities (e.g. SIEM, SOC).
Respond
- Develop and execute incident response processes
- Contain, analyze, and mitigate cybersecurity incidents
- Coordinate incident communication and reporting with internal and external stakeholders
Outcome: Structured incident response plans and coordinated actions.
Recover
- Restore systems, services, and business operations
- Improve resilience and reduce long-term impact
Outcome: Recovery plans, business continuity, and crisis communication.