Page 01 Download the whitepaper


In this paper, Avecto looks at the role least privilege security and application control play in the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), a voluntary standard for public and private industry sectors supporting critical infrastructure, helping organizations improve security and comply with common regulatory standards.

The NIST Cybersecurity Framework was created on a White House directive in 2013, and according to Gartner, while intended as a voluntary code, has been adopted by 30% of public and private enterprises in the US. CSF differs from many other regulatory codes in that rather than providing a checklist of security controls, it is a risk-based approach where organizations must evaluate their risk position and implement controls as appropriate.