CSF 2.0 is organised into six Functions — Govern, Identify, Protect, Detect, Respond, and Recover — which include additional elements: Categories, Subcategories, and Informative References. Together, these functions provide a comprehensive view for managing cybersecurity risk.
Govern: Define, communicate, and monitor the organisation's cybersecurity risk management strategy, expectations, and policy.
Identify: Identify the organisation's assets, suppliers, and current related cybersecurity risks, prioritising efforts in line with the risk management strategy and mission needs.
Protect: Use safeguards to manage the organisation's cybersecurity risks, supporting the ability to protect assets to prevent or reduce the likelihood and impact of adverse cybersecurity events.
Detect: Detect and analyse potential cyber attacks and compromises, enabling the timely discovery and analysis of anomalies, indicators of compromise, and other potentially adverse events that may indicate cybersecurity attacks and incidents are occurring.
Respond: Take action regarding a detected cybersecurity incident, supporting the ability to contain its effects.
Recover: Recover assets and operations affected by a cybersecurity incident, supporting the timely restoration of normal operations to reduce its impact.