Risk & Compliance Engine

NIST CSF Alignment

How TrustCyber maps your security posture to the NIST Cybersecurity Framework 2.0.

The NIST Cybersecurity Framework (CSF) 2.0 is the most widely adopted cybersecurity framework in the United States and is increasingly used globally. TrustCyber maps your Microsoft 365 security posture to all six NIST CSF functions: Govern, Identify, Protect, Detect, Respond, and Recover.

NIST CSF Functions Coverage

| Function | TrustCyber Coverage | Key Controls Assessed |
|---|---|---|
| Govern (GV) | Full | Risk governance, policies, roles, supply chain risk |
| Identify (ID) | Full | Asset inventory, risk assessment, vulnerability management |
| Protect (PR) | Full | Identity management, MFA, data protection, secure configuration |
| Detect (DE) | Partial | Security monitoring, anomaly detection (requires Defender data) |
| Respond (RS) | Partial | Incident response plan assessment, communication procedures |
| Recover (RC) | Full | Backup coverage, business continuity, recovery planning |

Note: Detect and Respond functions are partially covered. Full coverage requires Microsoft Defender for Endpoint and Microsoft Sentinel data, which TrustCyber can ingest if those products are deployed in your environment.