Cybersecurity Framework Manufacturing Profile

National Institute of Standards and Technology

July 19, 2023: URLs for CSRC publication details pages have changed. Legacy URLs should automatically redirect to the new URLs. However, links to the actual publications have NOT changed (e.g., DOIs and PDFs on nvlpubs.nist.gov). Please send inquiries to csrc-inquiry@nist.gov. [12:20 pm ET - If you received "Page Not Found" errors recently, please retry accessing those files. File synchronization should now be complete.]

Other (Final Public Draft)

Obsoleted on September 08, 2017 by IR 8183

Cybersecurity Framework Manufacturing Profile

Documentation Topics

Date Published: March 20, 2017
Comments Due: April 17, 2017 (public comment period is CLOSED)
Email Questions to: csf_manufacturing_profile@nist.gov

Author(s)

National Institute of Standards and Technology

Announcement

A draft manufacturing implementation of the Cybersecurity Framework, or Profile, has been developed for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals and industry best practices. This Manufacturing "Target" Profile focuses on desired cybersecurity outcomes and can be used to identify opportunities for improving the current cybersecurity posture of a manufacturing system. This Manufacturing Profile provides a voluntary, risk-based approach for managing cybersecurity activities and reducing cyber risk to manufacturing systems. The Manufacturing Profile is meant to enhance but not replace current cybersecurity standards and industry guidelines that the manufacturer is embracing.

Abstract

This document provides the Cybersecurity Framework implementation details developed for the manufacturing environment. The “Manufacturing Profile” of the Cybersecurity Framework can be used as a roadmap for reducing cybersecurity risk for manufacturers that is aligned with manufacturing sector goals and industry best practices.

Keywords

Cybersecurity Framework; manufacturing; risk management

Control Families

Audit and Accountability; Configuration Management; Contingency Planning; Identification and Authentication; Physical and Environmental Protection

Documentation

Publication:
Cybersecurity Framework Manufacturing Profile (Final Draft) (pdf)

Supplemental Material:
None available

Document History:
09/07/16: Other (Draft)
03/20/17: Other (Draft)
09/08/17: IR 8183 (Final)

Topics

Security and Privacy

audit & accountability, contingency planning, planning, risk assessment, threats, vulnerability management

Applications

cybersecurity framework

Laws and Regulations

Homeland Security Presidential Directive 7

Sectors

manufacturing