█
LastWrite
  • > Curriculum
  • > Pricing
  • > For Educators
  • > About
  • > Contact
Log InGet Started

Questions, concerns, bug reports, or suggestions? We read every message, write to us at [email protected].

More ways to reach us →
LastWrite

Structured computer science lessons for aspiring developers and security professionals.

[email protected]

(201) 785-7951

Mon–Fri, 9 AM–5 PM EST

Learn

  • Curriculum
  • Pricing

Company

  • About
  • For Educators & Schools
  • Contact Us

Legal

  • Terms of Service
  • Privacy Policy
© 2026 LastWrite. All rights reserved.
Curriculum/Cybersecurity/NIST Cybersecurity Framework/Introduction to the NIST Framework
30 minBeginner

Introduction to the NIST Framework

After this lesson, you will be able to: Understand NIST CSF, what it is, why it exists, and the five core functions.

The NIST Cybersecurity Framework (CSF) is the most widely adopted security framework in the US. Its five functions. Identify, Protect, Detect, Respond, Recover, give organizations a common vocabulary for managing risk.

What is NIST CSF?

Created by NIST in 2014 (executive order after critical infrastructure attacks). Updated to CSF 2.0 in 2024. Voluntary in the US (mandatory for federal contractors). Adopted globally as a benchmark.

💡 The five (now six) functions

CSF 1.x: Identify, Protect, Detect, Respond, Recover. CSF 2.0 (2024) adds: Govern (cross-cutting). Govern is now considered the foundational function.

Why use CSF?

  1. 1

    1. Common vocabulary across teams + vendors.

  2. 2

    2. Mapping target, most other frameworks (ISO 27001, CIS, HIPAA) crosswalk to CSF.

  3. 3

    3. Maturity-friendly, tier 1 (partial) to tier 4 (adaptive).

  4. 4

    4. Free, well-documented.

  5. 5

    5. Recognized by auditors, regulators, insurers.

Profile and tiers

Profile = your organization's selected outcomes. 'Current profile' (where you are) → 'Target profile' (where you want). Tiers (1-4) measure how integrated and adaptive your risk processes are.

Sign in and purchase access to unlock this lesson.

Sign in to purchase
Back to NIST Cybersecurity Framework
Identify→