American Digital Services adheres to the NIST Cybersecurity Framework (CSF) Version 2.0, ensuring robust cybersecurity measures to protect critical infrastructure. The NIST CSF 2.0, developed in collaboration between industry and government, provides a comprehensive set of guidelines to manage and reduce cybersecurity risks. It emphasizes flexibility, cost-effectiveness, and a prioritized approach to safeguard critical infrastructure.
https://www.nist.gov/cyberframework
Key Components
Framework Core
The Core consists of five functions: Identify, Protect, Detect, Respond, and Recover. These functions provide a strategic view of an organization's management of cybersecurity risks and are supported by categories and subcategories for specific outcomes.
Implementation Tiers
The Tiers (Partial, Risk-Informed, Repeatable, Adaptive) help organizations understand their current cybersecurity posture and guide improvements. They range from Tier 1 (Partial) to Tier 4 (Adaptive), reflecting an organization's approach to risk management.
Profiles
Profiles enable organizations to align their cybersecurity activities with business requirements, risk tolerance, and resources. They are used to create a roadmap for reducing cybersecurity risks and improving the overall security posture.
Enhancements in Version 2.0
- Supply Chain Risk Management: New controls and guidelines to manage risks associated with third-party vendors and supply chains.
- Enhanced Identity Management: Updated controls for identity verification and access management.
- Improved Incident Response: Strengthened guidelines for detecting and responding to cybersecurity incidents.
- Regular Updates and Adaptability: Emphasis on continuous improvement and adaptability to emerging threats.
Commitment to Compliance
American Digital Services is committed to maintaining the highest standards of cybersecurity. By adhering to the guidelines set forth in NIST CSF 2.0, we ensure the protection of critical infrastructure through rigorous and continuous compliance efforts.