Created through collaboration between industry and government, the voluntary Framework consists of standards, guidelines, and practices to promote the protection of critical infrastructure. The prioritized, flexible, repeatable, and cost-effective approach of the Framework helps owners and operators of critical infrastructure to manage cybersecurity-related risk.
The Framework Core and Informative References are available as separate downloads in two formats: spreadsheet (Excel) , and alternate view (PDF). A companion Roadmap discusses future steps and identifies key areas of cybersecurity development, alignment, and collaboration.
The Department of Homeland Security’s Critical Infrastructure Cyber Community C³ Voluntary Program helps critical infrastructure owners and operators align with existing resources to assist them in using the Cybersecurity Framework and managing their cyber risks.
Visit Resource
