The National Institute of Standards and Technology created the Cybersecurity Framework for organizations involved in the protection of critical infrastructure. This framework was designed with 5 modules each addressing a unique set of functions within the Cybersecurity Program.
This NIST CSF module “Protect” was created to address a detailed level control used by most organizations when they protect information. The following control groups are included:
• Identity Management, Authentication and Access Control (PR.AC).
• Awareness and Training (PR.AT).
• Data Security (PR.DS).
• Information Protection Processes and Procedures (PR.IP).
• Maintenance (PR.MA).
• Protective Technology (PR.PT).