Importance of Cyber Security Framework and its Components

Verified

Added on 2023/06/10

AI Summary

This article discusses the importance of Cyber Security Framework (CSF) and its three components - Implementation Tiers, Framework Core, and Profiles. It also explains the key stakeholders in the implementation process and the four tiers of the framework. The CSF provides a common language and methodology to manage cybersecurity risks and has become crucial in the dynamic threat environment. The implementation tiers reduce the level of risks for organizations, and the framework core consists of five functions that can be used for other risk management as well. The profiles are unique alignments of organizations that identify objectives and requirements. The key stakeholders in the implementation process are government and private entities. The four tiers of the framework range from Partial to Adaptive and describe the rigor degree that is increasing. Management should care about the framework as it reduces cybersecurity risks and provides a risk-free environment for the organization.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CYBER SECURITY
Cyber Security
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1CYBER SECURITY
Question 1.
Why is CSF important? Why was it created?
Ans. The CSF or the Cyber Security Framework is important because it provides a language
that is common for all and a methodology that is systemic to manage the risk that are
associated with the cybersecurity. The cyber security framework have several core activities
that is perfectly made for meeting the requirements of the organizations (Choo 2014). One
thing have to keep in mind that the implementation of the cyber security framework only
compliment the program of the cyber security and it will not change or replace the
organizations program of the cyber security.
In the recent time, the cyber security framework has become very important in the
field of the dynamic threat environment which build a flexible cyber security strategy for the
organizations that can grow continuously to reduce the risk in the company. This framework
is created to provide opportunities to the organizations to search the risk in the organisation
and mitigate the risks accordingly.
Question 2.
What are the three components of CSF? Denote and briefly explain.
Ans. The three components of the Cyber Security Framework are
1. Implementation Tiers
2. Framework Core
3. Profiles
The first component of the cyber security framework is the implementation tier. The
tiers shows that the degree of the framework. It exhibits the characteristics of the

2CYBER SECURITY
cybersecurity. Four tiers are there starting from Partial that is the 1st tier and ending with
the Adaptive tier that is the tier 4. Tier 2 and the Tier 3 are risk informed and repeatable
respectively (Barrett et al., 2017). The tiers reduces the level of risks for the
organisations.
The second component of the framework is Core. The core consists of several
activities of the framework and the result are categorized and organized in some
references that are informative. The core consists of 5 functions, identify, protect, detect,
respond and recover. These functions are not only limited to the risk management of the
cybersecurity but the other kind of risk management also can be done by these functions
(Scofield 2016). The five functions also further expand to a number of 23 categories.
The third component of the framework is Profiles. Profiles are the unique alignments
of the organizations which are the objective and the requirements of the organization and
the resources that are against the framework’s outcomes. The profile identified by
comparing the two code like the Current and Target of the profile.
Question 3.
Who are the key stakeholders in the implementation process?
Ans. There are two primary or key stakeholders for the cyber security implementation
frame work are mainly government and private entities. The two stakeholders has their own
capabilities and different cost factors (Shackelford et al., 2014). The government stakeholders
can be divided into two sub parts, one is the government contractors another are civilians.
The cyber security framework implementation is more accurate in the private sector. As the
government stakeholders are not investing in the government sectors. The government
stakeholders are the contrast of the private key holders. As the result cyber security
framework lacks the proper maintenance for the sustainable cyber security framework

3CYBER SECURITY
(Shackelford et al., 2015). The more stakeholders puts their money on the framework the
more framework will be sustainable to provide security to mitigate the cyber security scopes
in the organization.
Question 4.
What are the four tiers of the framework and why should management care.
Ans. The four tiers that the cyber security framework consist are:
 Tier 1 (Partial)
 Tier 2(Risk Informed)
 Tier 3 (Repeatable)
 Tier 4 (Adaptive)
The range of the tier is from Tier 1 to Tier 4 and these tiers describes the rigor degree
that is increasing, it make sure that the decisions of the cybersecurity risks must be well
integrated for taking the much bigger decisions, and some certain degree that the
company or the organization receives and shares the information of the cybersecurity
from the external parties. It is not necessary that the tiers will be only represented in the
maturity levels. The management of the organization must determine the tire that is
desired to make sure that the organization meet the goals on the selected level (Dedeke
2017). This also reduces the risks that are associated with the cybersecurity for levelling
the acceptable of the organization. The implementation is feasible for the management of
the organization. It is necessary for the management of the organization to maintain this
properly in order to successfully reduce the risks that are related to the cyber security to
provide the organization risk free environment.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4CYBER SECURITY
Referencs:
Barrett, M., Marron, J., Pillitteri, V. Y., Boyens, J., Witte, G., & Feldman, L. (2017). The
Cybersecurity Framework.
Choo, K. K. R. (2014). A conceptual interdisciplinary plug-and-play cyber security
framework. In ICTs and the Millennium Development Goals (pp. 81-99). Springer,
Boston, MA.
Dedeke, A. (2017). Cybersecurity Framework Adoption: Using Capability Levels for
Implementation Tiers and Profiles. IEEE Security & Privacy, (5), 47-54.
Scofield, M. (2016). Benefiting from the NIST cybersecurity framework. Information
Management, 50(2), 25.
Shackelford, S. J., Proia, A. A., Martell, B., & Craig, A. N. (2015). Toward a global
cybersecurity standard of care: Exploring the implications of the 2014 NIST
cybersecurity framework on shaping reasonable national and international
cybersecurity practices. Tex. Int'l LJ, 50, 305.
Shackelford, S., Proia, A., Martell, B., & Craig, A. (2014). Toward a Global Cybersecurity
Standard of Care? Exploring the Implications of the 2014 NIST Cybersecurity
Framework on Shaping Reasonable National and International Cybersecurity
Practices.

1 out of 5

+13062052269

info@desklib.com

Importance of Cyber Security Framework and its Components

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

NIST Cyber Security Framework and Application

IT Security Management

Cyber-security Program

Cyber Security Awareness Campaign: Literature Review and Limitations

Cybersecurity. task. Student name. Solution: one. Cyber

Information System Risk Management