Statements (184)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:Cybersecurity
gptkb:software_framework |
| gptkbp:aims_to |
improve cybersecurity risk management
|
| gptkbp:aims_to_improve |
cybersecurity risk management
|
| gptkbp:applies_to |
gptkb:organization
organizations of all sizes |
| gptkbp:collaborated_with |
academic institutions
industry stakeholders government entities |
| gptkbp:consists_of |
gptkb:Graphics_Processing_Unit
gptkb:Inspector Implementation Tiers |
| gptkbp:developed_by |
gptkb:National_Academy_of_Sciences
|
| gptkbp:encourages |
gptkb:collaboration
Self-Assessment continuous improvement collaboration among stakeholders |
| gptkbp:facilitates |
gptkb:communication
communication about cybersecurity risks |
| https://www.w3.org/2000/01/rdf-schema#label |
Cybersecurity
|
| gptkbp:includes |
gptkb:Risk_Management
best practices Assessment Procedures five core functions Detect Function Identify Function Protect Function Recover Function Respond Function Cybersecurity Controls |
| gptkbp:is_adopted_by |
gptkb:educational_institutions
Small Businesses government agencies non-profit organizations international organizations private sector organizations critical infrastructure sectors Critical Infrastructure Sectors |
| gptkbp:is_aligned_with |
gptkb:NIST_SP_800-53
gptkb:ISO/_IEC_27001 |
| gptkbp:is_based_on |
existing standards
Risk Management Principles existing standards and guidelines |
| gptkbp:is_compliant_with |
gptkb:NIST_SP_800-53
gptkb:ISO/_IEC_27001 CIS Controls |
| gptkbp:is_designed_for |
organizations of all sizes
All Organizations cybersecurity improvement |
| gptkbp:is_enhanced_by |
stakeholder feedback
|
| gptkbp:is_evaluated_by |
Performance Metrics
Surveys Stakeholders effectiveness Case Studies efficiency Feedback Mechanisms incident reports risk assessments adaptability performance indicators audit results self-assessments third-party assessments cybersecurity assessments cybersecurity metrics organizations' cybersecurity posture |
| gptkbp:is_guided_by |
gptkb:Risk_Management
|
| gptkbp:is_influenced_by |
gptkb:Executive_Order_13636
gptkb:Presidential_Policy_Directive_21 |
| gptkbp:is_often_used_in |
international organizations
|
| gptkbp:is_part_of |
gptkb:Cybersecurity
NIST Cybersecurity Program NIST's Cybersecurity Program U. S. federal policy |
| gptkbp:is_promoted_by |
gptkb:NIST_Cybersecurity_Center_of_Excellence
gptkb:U._S._government gptkb:NIST government initiatives academic institutions consulting firms professional associations industry associations industry groups cybersecurity organizations |
| gptkbp:is_promoted_through |
gptkb:Workshops
gptkb:Publications Conferences Webinars training programs workshops conferences webinars |
| gptkbp:is_recognized_as |
internationally
|
| gptkbp:is_referenced_in |
gptkb:legislation
industry standards cybersecurity regulations executive orders various cybersecurity regulations |
| gptkbp:is_reviewed_by |
gptkb:military_personnel
cybersecurity experts |
| gptkbp:is_supported_by |
gptkb:assessment_tools
gptkb:NIST_Cybersecurity_Framework_for_Chemical_Sector gptkb:NIST_Cybersecurity_Framework_for_Communications_Sector gptkb:NIST_Cybersecurity_Framework_for_Financial_Services gptkb:NIST_Cybersecurity_Framework_for_Io_T gptkb:NIST_Cybersecurity_Framework_for_Water_Sector gptkb:Federal_Government gptkb:NIST_Cybersecurity_Framework_Manufacturing_Profile gptkb:NIST_Special_Publications International Organizations Industry Partners Training Resources training resources Implementation Guides implementation guides NIST Cybersecurity Framework for Small Business NIST Cybersecurity Framework for Supply Chain Risk Management NIST Cybersecurity Framework Cybersecurity Framework for Small Business NIST Cybersecurity Framework for Energy Sector NIST Cybersecurity Framework for Healthcare NIST Cybersecurity Framework for Transportation Sector NIST Cybersecurity Framework for Critical Infrastructure NIST Cybersecurity Framework for Cloud Computing NIST Cybersecurity Framework for Privacy |
| gptkbp:is_updated_by |
gptkb:NIST
gptkb:2020 periodically |
| gptkbp:is_used_by |
small businesses
organizations |
| gptkbp:is_used_for |
gptkb:Compliance_Management
gptkb:administration gptkb:training Policy Development compliance with regulations incident response planning Awareness Programs cybersecurity training cyber risk assessment security program development |
| gptkbp:is_used_in |
critical infrastructure sectors
|
| gptkbp:is_utilized_in |
training programs
incident response planning policy development strategic planning risk assessments compliance audits business continuity planning cybersecurity assessments security program development |
| gptkbp:operational_use |
different industries
to different types of organizations |
| gptkbp:promotes |
gptkb:Best_Practices
|
| gptkbp:provides |
Flexibility
Common Language a common language for cybersecurity a framework for managing cybersecurity risk guidance for managing cybersecurity risk |
| gptkbp:provides_guidance_on |
gptkb:Risk_Management
Incident Response Continuous Monitoring identifying risks responding to incidents protecting assets detecting incidents recovering from incidents |
| gptkbp:published_in |
gptkb:2014
February 12, 2014 |
| gptkbp:purpose |
to provide a policy framework of computer security guidance
Improve cybersecurity risk management to provide a policy framework of computer security guidance for how private sector organizations can assess and improve their ability to prevent, detect, and respond to cyber attacks |
| gptkbp:released_on |
February 12, 2014
|
| gptkbp:supports |
gptkb:Risk_Management
risk management risk management processes Cyber Risk Management |
| gptkbp:updates |
April 2018
|
| gptkbp:used_by |
Government Agencies
Non-Profit Organizations Private Sector organizations |
| gptkbp:volunteers |
for organizations
|
| gptkbp:bfsParent |
gptkb:Massachusetts_Institute_of_Technology
|
| gptkbp:bfsLayer |
2
|