Cybersecurity Models Explained

Cybersecurity Models Explained

3 Primary Frameworks

NIST Cyber Security Framework

National Institute of Standards and Technology (NIST) is a cybersecurity model commonly used by organizations in the US. Establishing and communicating your organization’s tolerance for risk is key to increase program maturity, in accordance to this model. The NIST framework also accounts for the rapidly changing nature of cybersecurity threats, and advises its followers to continuously adjust their monitoring techniques and remediation strategies to match the ongoing threat environment. 


The NIST cybersecurity model follows five key phases to reaching a mature security management program:


  • Identify - In the first phase, organizations establish a business-wide approach to cybersecurity management,  including an understanding of the current risks to the network, what sensitive information lives throughout the organization, and what critical  business operations exist that need to be protected from cybersecurity threats

  • Protect - The next step in building program maturity according to NIST’s cybersecurity model is to organize and define the defenses necessary to protect the identified critical pieces of your security program.

  • Detect - This phase is probably what most organizations dive right into when it comes to cybersecurity program management, including establishing the most effecti ..