Mapping & Analysis: CIS Critical Security Controls to NIST Cybersecurity Framework to Risk Management Framework 800-53 Security Controls

Sources:

• Organizations:
• National Institute of Technology (NIST)
• Center for Internet Security
• Data Sources:
• NIST CSF Framework
• NIST SP 800-53 (r5)
• CIS Critical Security Controls

The bar chart below provides both CIS security controls and NIST security control/enhancement counts by NIST Cybersecurity Framework Function. Based on these counts the NIST CSF incorporates 126 of 153 (82%) of the CIS critical security controls.