Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is the NIST Cybersecurity Framework (CSF)?

NIST is a federal agency within the US Department of Commerce that creates guidelines, frameworks, and policies that support innovation in science and technology. It was created in response to Presidential Executive Order 13636, The National Institute of Standards and Technology (NIST) created a Cybersecurity Framework (CSF) in 2014. 

The NIST Cybersecurity Framework provides guidance to organizations on how to mitigate, handle, and monitor security threats. Only federal agencies and their vendors, contractors, and partners are mandated to comply with NIST CSF. 

Many private organizations voluntarily implement NIST CSF principles into their compliance and security programs. Self-attestation does not require an audit, and there is no accrediting body that awards certificates for compliance. 

NIST CSF is based on five core functions intended to holistically safeguard organizations from security risks. 

  • Identify: Develop an understanding of possible security risks as they relate to a company’s people, processes, and technology.

  • Protect: Establish cybersecurity protocols and principles that actively and passively defend a company’s infrastructure from security breaches.

  • Detect: Continuously monitor a company’s infrastructure for anomalous events, malicious activity, and system weaknesses.

  • Respond: Ensure a proper response strategy that effectively eliminates a security threat while also keeping company production on track.
  • Recover: Maintain the integrity of all systems so that a company’s people, processes, and technologies can return to a stronger, more efficient state of operations.

{{cta_simple3="/cta-modules"}}

Additional resources you might like:

Compliance
Vanta events | Vanta
How to streamline ISO 27001 and SOC 2 compliance with automation

Join Vanta’s 45-minute live product demo. Register today to begin your automated compliance journey!

Compliance
Vanta events | Vanta
Simplifying SOC 2 and ISO 27001 compliance

Join us for a 45-minute webinar where we’ll demonstrate how Vanta automates up to 90% of the work for security and privacy frameworks, and helps you move towards a state of continuous compliance.

Security
Vanta events | Vanta
The State of Trust 2024: How UK Businesses are managing risk and compliance with automation

Join our upcoming webinar, where leading cybersecurity experts Ciaran Martin and Victoria Baines will discuss findings from Vanta’s second annual State of Trust Report. Understand the risks facing UK organisations, why good security means good business and how to minimise manual security work through AI and automation. 

Additional resources you might like:

Compliance
Vanta events | Vanta
How to streamline ISO 27001 and SOC 2 compliance with automation

Join Vanta’s 45-minute live product demo. Register today to begin your automated compliance journey!

Compliance
Vanta events | Vanta
Simplifying SOC 2 and ISO 27001 compliance

Join us for a 45-minute webinar where we’ll demonstrate how Vanta automates up to 90% of the work for security and privacy frameworks, and helps you move towards a state of continuous compliance.

Security
Vanta events | Vanta
The State of Trust 2024: How UK Businesses are managing risk and compliance with automation

Join our upcoming webinar, where leading cybersecurity experts Ciaran Martin and Victoria Baines will discuss findings from Vanta’s second annual State of Trust Report. Understand the risks facing UK organisations, why good security means good business and how to minimise manual security work through AI and automation. 

SOC 2
Vanta events | Vanta
Compliance for startups with Fern (YC W23)

Join Danny Sheridan, Co-founder and CEO at Fern (YC W23), and Brian Kuan, Product Marketing Manager at Vanta (YC W18), for a deep dive into why startups should prioritize compliance early in their journey, and how Vanta can help you become SOC 2-ready in as little as four weeks—giving time back for you to focus on building a company.

Compliance
Vanta events | Vanta
Simplify Compliance and Enhance Your Customer’s Trust

Curious about why compliance is so important, which businesses need it, and how Vanta's automation can help you quickly achieve it? Join Vanta’s 45-minute live product demo where you’ll learn how Vanta goes beyond compliance to enhance your overall security and trust management.

Compliance
Vanta events | Vanta
Fostering a culture of security in an AI world

Join our expert-led session to explore strategies for embedding a security-first culture in an AI-driven world. We'll address unique challenges and share actionable insights to help safeguard your organization.

Compliance
Vanta events | Vanta
Streamlining SOC 2 Compliance with Vanta and AWS

Watch our Coffee and Compliance session, where our experts, Ethan Heller, GRC, Subject Matter Expert at Vanta, and Brad Dispensa,WWPS Specialist SA at Amazon Web Services (AWS) cover some of the challenges of SOC 2 compliance and show how Vanta and AWS work together to simplify and accelerate SOC 2 compliance.

Compliance
Vanta events | Vanta
How to streamline SOC 2 and ISO 27001 compliance with automation

Watch Vanta’s 45-minute live product demo. Our Vanta team will walk you through the platform and answer questions throughout the session.

ISO 42001
Vanta events | Vanta
How to demonstrate secure AI practices with ISO 42001

Watch Vanta and A-LIGN's Coffee and Compliance session on ISO 42001 —what it is, what types of organizations need it, and how it works.