The primary reasons to consider the NIST Cybersecurity Framework
Easy wins for implementing the framework
The U.S. Department of Commerce released the NIST Framework for Improving Critical Infrastructure Cybersecurity version 1.0 - commonly known as the Cybersecurity Framework (CSF). The CSF serves as taxonomy for risk management of critical infrastructure in a cybersecurity context. Cybersecurity, as defined by Gartner, includes a broad range of practices, tools and concepts addressing information technology and operational technology (IT/OT) security. The CSF is an absolute minimum of guidance for new or existing cybersecurity risk programs, and is a legal framework for aligning IT to OT security.