NIST CSF: PR.DS-4 Subcategory

From NIST's Cyber Security Framework (version 1):

Adequate capacity to ensure availability is maintained

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

CSF Mapped to SP800-53 Controls

Generated from NIST's SP800-53/CSF Crosswalk mappings.

Search:

Node
SC-5: Denial-of-service Protection
CP-2: Contingency Plan
AU-4: Audit Log Storage Capacity

Showing 1 to 3 of 3 entries

Related ISO 27001 Controls

Annex A controls from ISO 27001 (2013) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

Capacity management (12.1.3)
ISO 27001:2013
Availability of information processing facilities (17.2.1)
ISO 27001:2013

Related ISA/IEC 62443 Controls

Clauses and controls from IEC 62443 (62443-2-1 and 62443-3-3) which are related to this CSF subcategory, taken from mappings by NIST and additional data from Ofgem.

Resource management (SR 7.2)
ISA/IEC 62443-3-3:2013
Denial of service protection (SR 7.1)
ISA/IEC 62443-3-3:2013

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against. This is based on mappings to associated SP800-53 controls.

Search:

ATT&CK ID	Title	Associated Tactics
T1561	Disk Wipe	Impact
T1561.001	Disk Content Wipe	Impact
T1486	Data Encrypted for Impact	Impact
T1490	Inhibit System Recovery	Impact
T1491.001	Internal Defacement	Impact
T1485	Data Destruction	Impact
T1561.002	Disk Structure Wipe	Impact
T1491.002	External Defacement	Impact
T1491	Defacement	Impact

Showing 1 to 9 of 9 entries

CSF Mapped to the NCSC CAF

Cyber Assessment Framework mappings generated from UK Cabinet Office data.

Search:

Control ID	Name	Description
A3.a	Asset Management	Everything required to deliver, maintain or support networks and information systems necessary for the operation of essential functions is determined and understood. This includes data, people and systems, as well as any supporting infrastructure (such as power or cooling).
B3.b	Data in Transit	You have protected the transit of data important to the operation of the essential function. This includes the transfer of data to third parties.
B5.b	Design for Resilience	You design the network and information systems supporting your essential function to be resilient to cyber security incidents. Systems are appropriately segregated and resource limitations are mitigated.
B3.a	Understanding Data	You have a good understanding of data important to the operation of the essential function, where it is stored, where it travels and how unavailability or unauthorised access, modification or deletion would adversely impact the essential function. This also applies to third parties storing or accessing data important to the operation of essential functions.

Showing 1 to 4 of 4 entries

NIST CSF: PR.DS-4 Subcategory

Cyber Threat Graph Context

CSF Mapped to SP800-53 Controls

Related ISO 27001 Controls

Capacity management (12.1.3)

Availability of information processing facilities (17.2.1)

Related ISA/IEC 62443 Controls

Resource management (SR 7.2)

Denial of service protection (SR 7.1)

MITRE ATT&CK Techniques

CSF Mapped to the NCSC CAF