The fifth and final function in the NIST Cybersecurity Framework v1.1, known as “RECOVER,” entails the development and implementation of strategies to restore systems, services, and processes to their normal functioning in the aftermath of a cybersecurity incident, especially when prior functions like “Protect,” “Detect,” and “Respond” have proven insufficient.
Although NIST has already released the NIST Cybersecurity Framework version 2.0 on August 15th, 2023 (this year), which includes the “GOVERNANCE” component, we won’t delve into it until a six-month period allowing for necessary changes and adjustments by the regulatory body. Any further modifications and discussions concerning “Governance” will be published on Fixitgearware Security, a week after the final release of the version 2.0 in 2024, by NIST.
This is to keep in line with the announcement from the official website emphasizing that:
"Aspects related to the presentation and functionality of this Tool are still under development. Informative References will be added once CSF 2.0 is finalized in early 2024, which will help to show the connection between the CSF and other cybersecurity frameworks, standards, guidelines, and resources. Since CSF 2.0 Implementation Examples and Informative References will be updated more frequently than the rest of the Core, they will be published and maintained online only."
Below is the cheat sheet on how to go about the “RECOVER” after an Incident (Cybersecurity Breach) of your organization.
Put your comments below in the comment section on your thoughts about this.