What Is the NIST CSF - The National Institute of Standards and Technology Cybersecurity Framework?

NIST is a non-regulatory agency and a physical sciences laboratory of the United States Department of Commerce. The organization states its mission is "To promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life."  

The vision of the NIST CSF is to become the world's leader in creating critical measurement solutions and promoting equitable standards. NIST is dedicated to supporting U.S. competitiveness in cybersecurity, communications technology, disaster resilience and manufacturing advancements, and helps strengthen the security of the digital environment.

Its outreach efforts support the effective application of standards and best practices including cybersecurity framework, industrial controls, online security via encryption, and more recently, through its National Cybersecurity Center of Excellence (NCCoE), medical wireless pump infusion security. NIST maintains the National Vulnerability Database (NVD), a U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). Each is given a CVE unique identifier that provides a criticality rating, details and a link to any available patch.

This data can be downloaded into SIEM systems and integrated with an organization's security operations.