NIST CSF: RS.MI-1 Subcategory
From NIST's Cyber Security Framework (version 1):
Incidents are contained
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
CSF Mapped to SP800-53 Controls
Generated from NIST's SP800-53/CSF Crosswalk mappings.
Related ISO 27001 Controls
Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.
-
Response to information security incidents (16.1.5)
ISO 27001:2013 -
Controls against malware (12.2.1)
ISO 27001:2013
Related ISA/IEC 62443 Controls
Clauses and controls from IEC 62443 (62443-2-1 and 62443-3-3) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.
-
Identify and respond to incidents (4.3.4.5.6)
ISA/IEC 62443-2-1:2009 -
Network segmentation (SR 5.1)
ISA/IEC 62443-3-3:2013 -
Zone boundary protection (SR 5.2)
ISA/IEC 62443-3-3:2013 -
Application partitioning (SR 5.4)
ISA/IEC 62443-3-3:2013
CSF Mapped to the NCSC CAF
Cyber Assessment Framework mappings generated from UK Cabinet Office data.
| Control ID | Name | Description |
|---|---|---|
| A4.a | Supply Chain | The organisation understands and manages security risks to networks and information systems supporting the operation of essential functions that arise as a result of dependencies on external suppliers. This includes ensuring that appropriate measures are employed where third party services are used. |
| B5.a | Resilience Preparation | You are prepared to restore the operation of your essential function following adverse impact. |
| B4.d | Vulnerability Management | You manage known vulnerabilities in your network and information systems to prevent adverse impact on the essential function. |
| B4.c | Secure Management | You manage your organisation's network and information systems that support the operation of essential functions to enable and maintain security. |
| C1.d | Identifying Security Incidents | You contextualise alerts with knowledge of the threat and your systems, to identify those security incidents that require some form of response. |
| C1.c | Generating Alerts | Evidence of potential security incidents contained in your monitoring data is reliably identified and triggers alerts. |
| B4.a | Secure by Design | You design security into the network and information systems that support the operation of essential functions. You minimise their attack surface and ensure that the operation of the essential function should not be impacted by the exploitation of any single vulnerability. |
| C1.a | Monitoring Coverage | The data sources that you include in your monitoring allow for timely identification of security events which might affect the operation of your essential function. |
| B5.b | Design for Resilience | You design the network and information systems supporting your essential function to be resilient to cyber security incidents. Systems are appropriately segregated and resource limitations are mitigated. |