NIST Cybersecurity Framework
The NIST Cybersecurity Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure and helps manage cybersecurity-related risk.
LoginRadius is NIST CSF audited and certified.
The National Institute of Standards and Technology (NIST) was founded in 1901 and is now part of the US Department of Commerce. NIST is one of the nation’s oldest physical science laboratories. Congress established the agency to remove a major handicap to US industrial competitiveness at the time—a second-rate measurement infrastructure that lagged behind the capabilities of the United Kingdom, Germany, and other economic rivals.
Today, NIST publishes tests and standards covering many scientific domains including physics, chemistry, materials, engineering, and computer sciences. In the computer sciences area, NIST is well known for standardized criteria around computer security including cryptography and communications and supplies foundational technologies in these areas to the ongoing programs to the US Defense and Intelligence agencies.
Recognizing the national and economic security of the United States depends on the reliable functioning of critical infrastructure. NIST Cybersecurity Framework, created a thorough collaboration between industry and government, consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.
The NIST Cybersecurity Framework consists of several guiding standards:
- NIST SP 800-53 (Revision 4)
- NIST SP 800-171
- The OMB Trusted Internet Connection (TIC) Initiative—FedRAMP Overlay (pilot)
- The DoD Cloud Computing Security Requirements Guide (SRG)
While not yet commonly considered by application providers, the NIST Cybersecurity Framework is NOT just for “government applications.” It represents a state-of-the-art approach to security and compliance.
The NIST Cybersecurity Framework is worth adopting solely for its stated goal of improving risk-based security. But it also delivers ancillary benefits that include effective collaboration and communication of security posture with executives and industry organizations as well as potential future improvements in legal exposure and even assistance with regulatory compliance.
To that extent, LoginRadius is self-attesting to the NIST Cybersecurity Framework as part of our internal infosec program. We align with the NIST SP 800-53 component, leveraging the CSA CCM, which will cover a larger footprint of the overall NIST Cybersecurity Framework.