NIST Cybersecurity Framework

The United States National Institute of Standards and Technology (NIST) has created a framework for improving critical infrastructure cybersecurity, referred to as the NIST Cybersecurity Framework. The main objective of this framework is to offer organizations a list of items for assessing and enhancing their capacity for preventing, detecting and responding to cyberattacks. According to the framework, cybersecurity should be considered part of an organization’s risk management operations.

What Is the NIST Cybersecurity Framework?

The NIST Cybersecurity Framework is a set of best practice guidelines to help organizations and businesses improve their cybersecurity processes. It was established by NIST under the U.S. Commerce Department. The standards aim at preparing private sector companies to prevent and recover from cyberattacks. Having a website security platform can be vital to following the framework, because it can protect websites from cyberattacks as well as recover a website if an incident has already occurred.

Elements of the NIST Cybersecurity Framework

The NIST Cybersecurity Framework is built on four core elements: Functions, Categories, Subcategories and Informative References. This framework can be used to address an organization’s website security needs.


During the identifying stage, a company should document and review its asset inventory and asset management. This means assessing the following items:

  • Web properties
  • Web servers and infrastructure
  • Plugins, extensions, themes and modules
  • Third-party integrations and services
  • Access points/nodes

We recommend making a list of all your website assets in order to be able to defend each of them from cyberattacks. Not every website will carry the same risk, so it’s important to catalog high-risk assets appropriately.


During the protection stage, a company should determine whether it has the necessary protective technology for its websites, such as:

  • Cloud-based firewall
  • Application-level firewall
  • Server/application hardening

The protective technologies function as layers of defense against cyberattacks.


During the detection stage, a company should consider what it has in place for continuous monitoring and scanning for indicators of compromise. It should implement tools that monitor its website assets and send notifications of any issues.

Continuous monitoring for websites includes:

  • Server level monitoring
  • Application level monitoring
  • User access monitoring
  • Change and integrity monitoring
  • External source code monitoring

Detection technologies give a company visibility into what is happening with their online environment.

Sucuri can help you continuously monitor your website. We offer a detection platform comprised of a remote website scanner and a server level scanner.

If you are looking for a free website malware scanner, you can use our SiteCheck tool to scan for indicators of website compromise or security misconfigurations.


During the response stage, a company should perform analysis and mitigation of a security incident or event. Having a response plan before an incident occurs can avoid prolonged and costly impacts – including financial loss, time loss, stress and reputation damage.

The incident response process, as defined by NIST, is broken down into four broad phases:

  • Preparation and planning
  • Detection and analysis
  • Containment, eradication and recovery
  • Post-incident activities

We have just released our Website Security Guide where we explain each phase in more detail. The most important piece of advice we can offer you is to have a website security team you can count on. Having the peace of mind of knowing your company will not be alone if a cyberattack occurs is priceless.


During the recovery stage, a company should make sure to have a recovery plan in place in case of a cyber incident.

A recovery plan includes reviewing the output of all phases, then documenting and deploying updates to the processes, followed by a team review of the findings.

While it is important to have a website security solution in place, it is also vital to ensure that everybody in your company understands the internal cybersecurity processes. Reviewing cybersecurity plans with your employees is also a great opportunity to assess ways of improving the company procedures.

How to Protect Your Site with a Website Security Solution

At Sucuri, we admire the NIST framework, and our solution is built on 3 core pillars – protection, detection and response. We take a defense-in-depth approach to website security by using multiple layers of security controls. Combining people, process and technology ensures that websites are cared for and attacks are mitigated as efficiently as possible. You can check out our website security plans or contact our team for a free consultation.
