From the course: NIST Cybersecurity Framework (CSF) 2.0 Primer: From Fundamentals to Implementation by Pearson

CSF tiers

So, of the three components that make up CSF, core, profiles, and tiers, tiers are by far the simplest of the three, because core is huge, it's this whole hierarchy, it's got three different levels to it, levels of magnification, functions, categories, and subcategories, all these different identifiers, so it's just expansive. And profiles aren't much better, like they're conceptually simple, but they use the entirety of CSF core because all the rows in a profile, an organizational profile, correspond to either functions, categories, or subcategories. So they're both kind of big and relatively complex, whereas tiers are more straightforward for the most part. There's only four of them, and they correspond specifically to the rigor of our cybersecurity risk management. Let me make sure, there we go. The rigor of our cybersecurity risk management processes and kind of the level to which it has seeped into the organization. So do we have awareness at an organization-wide level? Has it…
