Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is the NIST Cybersecurity Framework (CSF)?

NIST is a federal agency within the US Department of Commerce that creates guidelines, frameworks, and policies that support innovation in science and technology. It was created in response to Presidential Executive Order 13636, The National Institute of Standards and Technology (NIST) created a Cybersecurity Framework (CSF) in 2014. 

The NIST Cybersecurity Framework provides guidance to organizations on how to mitigate, handle, and monitor security threats. Only federal agencies and their vendors, contractors, and partners are mandated to comply with NIST CSF. 

Many private organizations voluntarily implement NIST CSF principles into their compliance and security programs. Self-attestation does not require an audit, and there is no accrediting body that awards certificates for compliance. 

NIST CSF is based on five core functions intended to holistically safeguard organizations from security risks. 

  • Identify: Develop an understanding of possible security risks as they relate to a company’s people, processes, and technology.

  • Protect: Establish cybersecurity protocols and principles that actively and passively defend a company’s infrastructure from security breaches.

  • Detect: Continuously monitor a company’s infrastructure for anomalous events, malicious activity, and system weaknesses.

  • Respond: Ensure a proper response strategy that effectively eliminates a security threat while also keeping company production on track.
  • Recover: Maintain the integrity of all systems so that a company’s people, processes, and technologies can return to a stronger, more efficient state of operations.

Additional resources you might like:

Compliance
Event
Automating your existing compliance program

With Vanta, you get enough flexibility to choose between a wealth of pre-built content and the ability to customize and configure the product to match your program’s needs. Curious to see this in action?

Compliance
Event
How to automate ISO 27001 & SOC 2 compliance

Join Vanta’s 45-minute live product demo on 25 April at 11 am BST. Two of our team members will walk you through the platform and answer questions throughout the session.

Compliance
Event
ISO 27001 & SOC 2 compliance automation

Join Vanta’s 45-minute live product demo on 10th April at 1pm AEST. Two of our team members will walk you through the platform and answer questions throughout the session.

Additional resources you might like:

Compliance
Event
Automating your existing compliance program

With Vanta, you get enough flexibility to choose between a wealth of pre-built content and the ability to customize and configure the product to match your program’s needs. Curious to see this in action?

Compliance
Event
How to automate ISO 27001 & SOC 2 compliance

Join Vanta’s 45-minute live product demo on 25 April at 11 am BST. Two of our team members will walk you through the platform and answer questions throughout the session.

Compliance
Event
ISO 27001 & SOC 2 compliance automation

Join Vanta’s 45-minute live product demo on 10th April at 1pm AEST. Two of our team members will walk you through the platform and answer questions throughout the session.

Compliance
Event
Combating threats through a continuous compliance

In the world of cloud infrastructure, security teams frequently find themselves bouncing between tools to track alignment to compliance standards. What’s more, they must often contend with a lack of visibility into risk and potential threats.

Security
Event
How to build an enduring security program as your company grows

Join Vanta's CISO, Jadee Hanson, and seasoned security leaders at company's big and small to discuss building and maintaining an efficient and high performing security program.

Compliance
Event
Ask Me (Almost) Anything: AI & Compliance

What does AI mean for your company’s security compliance program? Join our session on 28 March 9 am AEDT where Matt Cooper, Privacy, Risk and Compliance Manager at Vanta, and Noam Rubin, Sr. Software Engineer at Vanta, will answer (almost) all your questions about AI and compliance.

Compliance
Event
Automating SOC 2 compliance & more

Join Vanta’s 45-minute live product demo on March 12 at 11 am PST where Devin and Natalie will walk you through the Vanta platform and show you how we automate 90% of the work for security and privacy frameworks, and help you move towards a state of continuous compliance.

Compliance
Event
ISO 27001 & SOC 2 compliance automation

Join Vanta’s 45-minute live product demo on 13 March at 11 am GMT. Two of our team members will walk you through the platform and answer questions throughout the session.

GDPR
Event
AMAA: Demystifying GDPR to make progress and fuel EU Growth

Want to quickly get up to speed with GDPR so you can supercharge your growth in the European market? Join our next Ask Me (Almost) Anything webinar on February 28th at 8:30am PST / 4:30pm GMT to find out how.

Get compliant and
build trust, fast.

Two wind turbines on a white background.
Get compliant and build trust,
fast.
Get started