NIST is an acronym for the National Institute of Standards and Technology at the U.S. Department of Commerce, and the NIST Cybersecurity Framework is commonly referred to as the CSF. The Framework provides a structure for private enterprises to assess and improve their ability to prevent, detect, and respond to cyber incidents.

First formulated in 2014, a recent study reported that 70% of the surveyed organizations see the NIST framework as a widespread best practice for computer security, 50% have noted that to do so requires a significant monetary investment, which is a barrier for adoption