Information Technology and Infomation Security Consultants

Call PCSS @: 720-990-7556 

Contact PCSS for NIST 800-171 Assessment & Compliance

Contact PCSS today to learn more about our CSF services 720-990-7556.

Cyber Security Framework (CSF)

The Cyber Security Framework (CSF) was released by the United States Government in 2014 as a voluntary guide for organizations in the critical infrastructure community to enhance cyber security.  In summary the CSF is a mini version of the controls required by NIST 800-53, but it can be an effective framework for implementing security controls in a variety of industries.  This scaled back version of controls was required because many of the systems making up the United States critical infrastructure could not meet a more robust set of controls. CSF is most often applied to process control systems which control water systems, effluent treatment facilities, and industrial processes.  The CSF provides a great framework to implement an IT Security program where security is needed, but it is not practical, or necessary, to apply a more rigorous set of controls required by many of the other standards. The standard can also be enhanced by adding additional security controls such as PII which is absent from the CSF. 


The CSF standard has 5 functions; Identify, Protect, Detect, Respond, and Recover.  ​There are 22 categories and 96 total controls.  The categories are summarized here.


  1. ID - Asset Management
  2. ID - Business Environment
  3. ID - Governance
  4. ID - Risk Assessment
  5. ID - Risk Management Strategy
  6. PR - Access Control
  7. PR - Awareness Training
  8. PR - Data Security
  9. PR - Information Protection Processes and Procedures
  10. PR - Maintenance
  11. PR - Protective Technology
  12. DE - Anomalies and Events
  13. DE - Security Continuous Monitoring
  14. DE - Detection Processes
  15. RS - Response Planning
  16. RS - Communications
  17. RS - Analysis
  18. RS - Mitigation
  19. RS - Improvements
  20. RC - Recovery Planning
  21. RC - Improvements
  22. RC - Communications


Let PCSS help you address these and reach compliance.

#div2{ background-image:url(http://s7.static.hootsuite.com/3-0-48/images/themes/classic/streams/message-gradient.png); height:180px; width:300px; border: 1px solid red; }