More than ever, organizations must balance a rapidly evolving cybersecurity threat landscape against the need to fulfill business requirements on an enterprise level. To help them measure and manage their cybersecurity risk in this larger context, NIST has convened stakeholders to develop the NIST cybersecurity framework (CSF), which helps organizations understand their cybersecurity risks (threats, vulnerabilities, and impacts) and how to reduce those risks with customized measures.

Initially intended for US private-sector owners and operators of critical infrastructure, the voluntary framework’s user base has grown dramatically across the nation and globe. The framework integrates industry standards and best practices. It provides a common language that allows staff at all levels within an organization—and at all points in a supply chain—to develop a shared understanding of their cybersecurity risks.

Cybersecurity is a silent war we cannot lose. What we face today is not a cyber war but a cyber battle. A battle that has been going on for the last couple of decades.
Cybersecurity experts agree: no one security measure is foolproof to defend against attacks. Ransomware is a new threat. It comes from nowhere and can potentially lock you out of your data and applications until a ransom is paid, making it difficult to recover. These cybercriminals are extremely skilled and motivated. They want to access as much confidential personal information as possible. Security specialists recommend using every tool at your disposal, including draconian measures like backups, encrypting data files, redacting sensitive information on your devices and firewalls, in addition to the usual cybersecurity best practices.