NIST Cybersecurity Framework 2.0.
NIST CSF 2.0 provides a voluntary framework for managing cybersecurity risk, organized around six functions: Govern, Identify, Protect, Detect, Respond, and Recover. Widely adopted as a baseline by US federal agencies and private sector organizations.
Maximum penalty
Voluntary (no direct penalties)
Source: NIST Framework
Key requirements
Govern: cybersecurity governance and strategy
Identify: asset management and risk assessment
Protect: access control and data security
Detect: continuous monitoring and anomaly detection
+2 more requirements in the complete guide.
Get the full NIST CSF compliance guide →Enforcement examples
Voluntary framework
No direct penalties; used as baseline for regulatory expectations and insurance assessments
N/A
2024
How Tessera automates NIST CSF compliance
NIST CSF maturity assessment
Control mapping across six functions
Gap analysis and remediation planning
Continuous monitoring dashboard
NIST CSF compliance checklist
Essential steps to achieve and maintain NIST CSF compliance.
Assess current cybersecurity maturity against CSF
Map existing controls to six CSF functions
Identify and prioritize gaps
+2 more steps in the full checklist.
Get your complete NIST CSF compliance checklist - free →Industries affected
Calculate your NIST CSF exposure.
See exactly how NIST CSF penalties apply to your revenue and industry profile.