Mapping Microsoft Cyber Offerings to: NIST Cybersecurity (CSF), CIS Controls and ISO27001:2013 Frameworks
The NIST Cybersecurity Framework (CSF) is a voluntary Framework consisting of standards, guidelines, and best practices to manage cybersecurity-related risk. The Framework complements an organization’s risk management process and cybersecurity program. The organization can use its current processes and leverage the Framework to identify opportunities to strengthen and communicate its management of cybersecurity risk while aligning with industry practices.
Alternatively, an organization without an existing cybersecurity program can use the Framework as a reference to establish one.
- Microsoft Cyber Offerings that can help an organization meet the security functions
- Certain functions that should be fulfilled by the implementing organization utilizing either internal resources or third parties