NIST CSF

Cyber Security Framework

The NIST CSF (National Institute of Standards and Technology, Cyber Security Framework) is a framework that helps an organization better understand, manage and reduce its security risks. With the help of NIST-CSF, the organization gets a clear picture of its current cyber security capability against a desired state.

Strengthens cyber security • Shows current cyber security capabilities • Guides step by step towards better cyber security

Man som pratar i telefon framför en dator och papper & penna

The NIST CSF framework

With knowledge of the current ability to manage and reduce cyber security risks, the organization’s knowledge of what needs to be accomplished to manage cyber security in a better way increases. This is where the NIST-CSF framework comes in handy for an organization that wants both an indication of the current ability to manage threats and vulnerabilities related to cyber security, but also the knowledge to take the necessary measures.

Following NIST-CSF is not a statutory requirement within the EU. Currently, there is no certification for NIST-CSF. If you want to be certified, management systems within information security ISO 27001 work very well. On the other hand, we see an increased request for NIST-CSF from European companies operating in the US market, which at short notice receive express demands from American customers to apply NIST-CSF. Companies whose customers are directly or indirectly suppliers to US authorities may be faced with explicit requirements to demonstrate a certain level of maturity in their approach to cyber security based on the NIST-CSF. There are four maturity levels and it is the customer/authority who decides which level applies.

The framework’s structure is based on five functional areas that follow each other in a logical sequence.

Do you want to know more?

This is what our customers think

Secify supports us in data protection issues and in our work with Data Privacy. In a trustworthy manner and with broad competence, Secify has contributed to our delivery.

Robert Ekvall, IT Security & Company Integration Lead

Några av våra kunder

Five steps

The framework is based on five steps to ensure that protection is achieved.

Identify (identify)
Gives the organization an understanding of what risks exist related to the cyber security of systems, people, assets and data information.
Protect
Develop and implement appropriate safeguards to ensure delivery of critical business functions.
Detect
Develop and implement appropriate activities to detect cyber-related threats.
Handle (respond)
Develop and implement appropriate activities to manage and remediate detected cyber-related threats.
Recover
Develop and implement appropriate activities to restore critical business functions to normal after cyber-related attacks.

If this seems interesting to your company, you can either send a message using the contact function, or simply pick up the phone and call.

Phone: 020 – 66 99 00
Visiting address: Östra Storgatan 67, Jönköping

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement		Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics		Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional		The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary		Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others		Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance		Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
CookieLawInfoConsent		Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
JSESSIONID		The JSESSIONID cookie is used by New Relic to store a session identifier so that New Relic can monitor session counts for an application.

Cookie	Duration	Description
1e5a17c8ab		This cookie is set in relation to Zoho Campaigns
AnalyticsSyncHistory		No description
bscookie		LinkedIn sets this cookie to store performed actions on the website.
lang		LinkedIn sets this cookie to remember a user's language setting.
li_gc		Used to store consent of guests regarding the use of cookies for non-essential purposes

Cookie	Duration	Description
_ga		The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_X8W3VDVR14		This cookie is installed by Google Analytics.
_gat_UA-112487526-1		A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid		Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
utm_source		This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.

Cookie	Duration	Description
_fbp		This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
d18efd344f		Collects information on user preferences and international with erb content. Used to promote relevant events or products. Session.
fr		Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE		Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie		The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
utm_medium		This cookie is used to record from where the visitor came to the website orginally. This information is used by the website operator to know the efficiency of their marketing.
ZCAMPAIGN_CSRF_TOKEN		No description available.
ZMEET_CSRF_TOKEN		No description available.

Cyber Security Framework

The NIST CSF framework

Do you want to know more?

This is what our customers think

Five steps

Säkerhet utan nonsens

Hur säker är din organisation?

Övervakning och ökad säkerhet för din IT-miljö

Säkerhet utan nonsens