
Information Security Management ResourceKit

A Public Service of SecureTheVillage


The NIST Framework — The Information Security Management Chain

Following the NIST Framework for Improving Critical Infrastructure Cybersecurity, managing the security of information hinges on five security management capabilities:

  1. Identify: what information needs to be protected and where it is located
  2. Protect: that information
  3. Detect: information attacks and other incidents
  4. Respond: to information attacks and other incidents, especially successful attacks
  5. Recover: from the incident, returning to normal operations

The information security management community has begun referring to these capabilities as information resilience: the ability of an organization to continue to provide an acceptable level of performance throughout all phases of the management chain, particularly respond and recover.

Contributed by Citadel Information Group
© Copyright 2017. Citadel Information Group. All Rights Reserved.

Filed Under: Information Security Management & Governance


Copyright © 2023 · SecureTheVillage