NIST CSF 2.0 → BSI IT-Grundschutz Mapping
Cross-reference between NIST Cybersecurity Framework 2.0 subcategories and BSI IT-Grundschutz Bausteine (modules).
This page maps NIST Cybersecurity Framework 2.0 subcategories to BSI IT-Grundschutz Bausteine. NIST CSF 2.0 provides a taxonomy of cybersecurity outcomes organized into six core functions: Govern, Identify, Protect, Detect, Respond and Recover. Baustein titles are given as they appear in the German IT-Grundschutz-Kompendium.
Subcategory   Outcome (indented lines below a subcategory list the IT-Grundschutz Bausteine mapped to it)

Detect (DE)
DE.AE-02  Potentially adverse events are analyzed to better characterize the events
DE.AE-03  Information is correlated from multiple sources
DE.AE-04  The estimated impact and scope of adverse events are understood
DE.AE-06  Information on adverse events is provided to authorized staff and tools
DE.AE-07  Cyber threat intelligence and other contextual information are integrated into the analysis of adverse events
DE.CM-01  Networks and network services are monitored to find potentially adverse events
DE.CM-02  The physical environment is monitored to find potentially adverse events
DE.CM-03  Personnel activity and technology usage are monitored to find potentially adverse events
DE.CM-06  External service provider activities and services are monitored to find potentially adverse events
DE.CM-09  Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events

Govern (GV)
GV.OC-01  The organizational mission is understood and informs cybersecurity risk management
GV.OC-03  Legal, regulatory, and contractual requirements regarding cybersecurity — including privacy and civil liberties obligations — are understood and managed
GV.OV-01  Cybersecurity risk management strategy outcomes are reviewed to inform and adjust strategy and direction
GV.OV-02  The cybersecurity risk management strategy is reviewed and adjusted to ensure its continued utility
GV.PO-01  Policy for managing cybersecurity risks is established
GV.PO-02  Policy for managing cybersecurity risks is reviewed, updated, communicated, and enforced
GV.RM-01  Risk management objectives are established and agreed to by organizational stakeholders
GV.RM-06  A standardized process for communicating cybersecurity risks is established and used
GV.RR-01  Organizational leadership is responsible and accountable for cybersecurity risk
GV.RR-02  Roles, responsibilities, and authorities related to cybersecurity risk management are established
GV.SC-01  A cybersecurity supply chain risk management program, strategy, objectives, policies, and processes are established and agreed to by organizational stakeholders
GV.SC-03  Cybersecurity supply chain risk management is integrated into cybersecurity and enterprise risk management, risk assessment, and improvement processes
GV.SC-04  Suppliers are known and prioritized by criticality
GV.SC-05  Requirements to address cybersecurity risks in supply chains are established
GV.SC-06  Planning and due diligence are performed to reduce risks before entering into formal supplier or other third-party relationships
GV.SC-07  Risks posed by suppliers, their products and services, and other third parties are understood
GV.SC-09  Supply chain security practices are integrated into cybersecurity and enterprise risk management programs
GV.SC-10  Cybersecurity supply chain risk management plans include provisions for activities that occur after the conclusion of a partnership or service agreement

Identify (ID)
ID.AM-01  Inventories of hardware managed by the organization are maintained
ID.AM-02  Inventories of software, services, and systems managed by the organization are maintained
ID.AM-03  Representations of the organization's authorized network communication and internal and external network data flows are maintained
ID.AM-05  Assets are prioritized based on classification, criticality, resources, and impact on the mission
ID.IM-01  Improvements are identified from evaluations
ID.IM-02  Improvements are identified from security tests and exercises, including those done in coordination with suppliers and relevant third parties
ID.IM-03  Improvements are identified from execution of operational processes and procedures
ID.RA-01  Vulnerabilities in assets are identified, validated, and recorded
ID.RA-03  Internal and external threats to the organization are identified and recorded

Protect (PR)
PR.AA-01  Identities and credentials for authorized users, services, and hardware are managed by the organization
PR.AA-02  Identities are proofed and bound to credentials based on the context of interactions
PR.AA-03  Users, services, and hardware are authenticated
PR.AA-05  Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed
    APP.1.2 Webbrowser
    APP.2.1 Allgemeiner Verzeichnisdienst
    APP.2.3 OpenLDAP
    APP.3.1 Webanwendungen und Webservices
    APP.4.2 SAP-ERP-System
    CON.7 Informationssicherheit auf Auslandsreisen
    ORP.2 Personal
    ORP.4 Identitäts- und Berechtigungsmanagement
    SYS.3.1 Laptops
    SYS.3.2.1 Allgemeine Smartphones und Tablets
    SYS.3.2.2 Mobile Device Management (MDM)
    SYS.3.2.3 iOS (for Enterprise)
    SYS.3.2.4 Android
    SYS.3.3 Mobiltelefon
    SYS.4.5 Wechseldatenträger
PR.AA-06  Physical access to assets is managed, monitored, and enforced commensurate with risk
    INF.1 Allgemeines Gebäude
    INF.10 Besprechungs-, Veranstaltungs- und Schulungsräume
    INF.2 Rechenzentrum sowie Serverraum
    INF.5 Raum sowie Schrank für technische Infrastruktur
    INF.6 Datenträgerarchiv
    INF.7 Büroarbeitsplatz
    INF.8 Häuslicher Arbeitsplatz
    INF.9 Mobiler Arbeitsplatz
    ORP.4 Identitäts- und Berechtigungsmanagement
PR.AT-01  Personnel are provided with awareness and training so that they possess the knowledge and skills to perform general tasks with cybersecurity risks in mind
PR.AT-02  Individuals in specialized roles are provided with awareness and training so that they possess the knowledge and skills to perform relevant tasks
PR.DS-01  The confidentiality, integrity, and availability of data-at-rest are protected
PR.DS-02  The confidentiality, integrity, and availability of data-in-transit are protected
    APP.1.4 Mobile Anwendungen (Apps)
    APP.3.1 Webanwendungen und Webservices
    APP.3.2 Webserver
    APP.3.3 Fileserver
    APP.3.4 Samba
    APP.3.6 DNS-Server
    APP.5.3 Allgemeiner E-Mail-Client und -Server
    APP.5.4 Unified Communications und Collaboration (UCC)
    CON.1 Kryptokonzept
    CON.6 Löschen und Vernichten
    CON.7 Informationssicherheit auf Auslandsreisen
    NET.2.1 WLAN-Betrieb
    NET.2.2 WLAN-Nutzung
    NET.3.3 VPN
    NET.4.1 TK-Anlagen
    NET.4.2 VoIP
    NET.4.3 Faxgeräte und Faxserver
PR.DS-03  Assets are formally managed throughout removal, transfers, and disposition
PR.DS-10  The confidentiality, integrity, and availability of data-in-use are protected
PR.DS-11  Backups of data are created, protected, maintained, and tested
PR.IR-01  Networks and environments are protected from unauthorized logical access and usage
    APP.3.6 DNS-Server
    CON.7 Informationssicherheit auf Auslandsreisen
    IND.1 Prozessleit- und Automatisierungstechnik
    IND.2.1 Allgemeine ICS-Komponente
    IND.2.2 Speicherprogrammierbare Steuerung (SPS)
    IND.2.3 Sensoren und Aktoren
    IND.2.7 Safety Instrumented Systems
    IND.3.2 Fernwartung im industriellen Umfeld
    NET.1.1 Netzarchitektur und -design
    NET.1.2 Netzmanagement
    NET.2.1 WLAN-Betrieb
    NET.2.2 WLAN-Nutzung
    NET.3.1 Router und Switches
    NET.3.2 Firewall
    NET.3.3 VPN
    NET.3.4 Network Access Control
    NET.4.1 TK-Anlagen
    NET.4.2 VoIP
    NET.4.3 Faxgeräte und Faxserver
    OPS.1.2.2 Archivierung
    OPS.1.2.6 NTP-Zeitsynchronisation
    OPS.2.2 Cloud-Nutzung
    SYS.1.2.2 Windows Server 2012
    SYS.1.5 Virtualisierung
    SYS.1.6 Containerisierung
    SYS.4.1 Drucker, Kopierer und Multifunktionsgeräte
PR.IR-02  Mechanisms to achieve resilience requirements are implemented
    IND.3.2 Fernwartung im industriellen Umfeld
    INF.1 Allgemeines Gebäude
    INF.12 Verkabelung
    INF.13 Technisches Gebäudemanagement
    INF.14 Gebäudeautomation
    INF.2 Rechenzentrum sowie Serverraum
    INF.5 Raum sowie Schrank für technische Infrastruktur
    NET.1.1 Netzarchitektur und -design
    SYS.1.8 Speicherlösungen
PR.IR-03  The organization's communications and technology infrastructure is prepared for impairment or failures
PR.IR-04  Adequate resource capacity to ensure availability is maintained
PR.PS-01  Configuration management practices are established and applied
    APP.4.2 SAP-ERP-System
    APP.4.4 Kubernetes
    IND.2.1 Allgemeine ICS-Komponente
    IND.2.2 Speicherprogrammierbare Steuerung (SPS)
    IND.2.3 Sensoren und Aktoren
    IND.2.4 Maschine
    IND.2.7 Safety Instrumented Systems
    NET.1.2 Netzmanagement
    NET.3.1 Router und Switches
    OPS.1.1.1 Allgemeiner IT-Betrieb
    OPS.1.2.6 NTP-Zeitsynchronisation
    SYS.1.1 Allgemeiner Server
    SYS.1.2.2 Windows Server 2012
    SYS.1.2.3 Windows Server
    SYS.1.3 Server unter Linux und Unix
    SYS.1.5 Virtualisierung
    SYS.1.6 Containerisierung
    SYS.1.7 IBM Z
    SYS.1.8 Speicherlösungen
    SYS.1.9 Terminalserver
    SYS.2.1 Allgemeiner Client
    SYS.2.2.3 Clients unter Windows
    SYS.2.3 Clients unter Linux und Unix
    SYS.2.4 Clients unter macOS
    SYS.2.5 Client-Virtualisierung
    SYS.2.6 Virtual Desktop Infrastructure
    SYS.3.1 Laptops
    SYS.3.2.1 Allgemeine Smartphones und Tablets
    SYS.3.2.2 Mobile Device Management (MDM)
    SYS.3.2.3 iOS (for Enterprise)
    SYS.3.2.4 Android
    SYS.3.3 Mobiltelefon
    SYS.4.1 Drucker, Kopierer und Multifunktionsgeräte
    SYS.4.3 Eingebettete Systeme
    SYS.4.4 Allgemeines IoT-Gerät
    SYS.4.5 Wechseldatenträger
PR.PS-02  Software is maintained, replaced, and removed commensurate with risk
    APP.1.1 Office-Produkte
    APP.1.2 Webbrowser
    APP.5.2 Microsoft Exchange und Outlook
    APP.5.4 Unified Communications und Collaboration (UCC)
    APP.6 Allgemeine Software
    OPS.1.1.1 Allgemeiner IT-Betrieb
    OPS.1.1.2 Ordnungsgemäße IT-Administration
    OPS.1.1.4 Schutz vor Schadprogrammen
    SYS.1.1 Allgemeiner Server
    SYS.1.2.2 Windows Server 2012
    SYS.1.2.3 Windows Server
    SYS.1.3 Server unter Linux und Unix
    SYS.1.7 IBM Z
    SYS.2.1 Allgemeiner Client
    SYS.2.2.3 Clients unter Windows
    SYS.2.3 Clients unter Linux und Unix
    SYS.2.4 Clients unter macOS
    SYS.2.5 Client-Virtualisierung
    SYS.2.6 Virtual Desktop Infrastructure
    SYS.4.4 Allgemeines IoT-Gerät
PR.PS-03  Hardware is maintained to reduce vulnerabilities
PR.PS-04  Log records are generated to enable monitoring, forensics, and incident response
PR.PS-05  Installation and execution of unauthorized software are prevented
PR.PS-06  Secure software development practices are integrated, and their security is evaluated
    APP.1.1 Office-Produkte
    APP.1.4 Mobile Anwendungen (Apps)
    APP.3.1 Webanwendungen und Webservices
    APP.3.2 Webserver
    APP.4.3 Relationale Datenbanken
    APP.4.4 Kubernetes
    APP.4.6 SAP ABAP-Programmierung
    APP.7 Entwicklung von Individualsoftware
    CON.8 Software-Entwicklung

Recover (RC)
RC.RP-01  The recovery portion of the incident response plan is executed
RC.RP-02  Recovery actions are selected, scoped, prioritized, and performed
RC.RP-03  The integrity of backups and other restoration assets is verified before using them in restoration

Respond (RS)
RS.AN-03  Analysis is performed to establish what has occurred during an incident
RS.AN-06  Actions performed during an investigation are recorded, and the records' integrity and provenance are preserved
RS.CO-02  Internal and external stakeholders are notified of incidents in a timely manner
RS.MA-01  The incident response plan is executed in coordination with relevant third parties once an incident is declared
RS.MA-04  Incidents are categorized and classified
These mappings serve as a reference and do not replace a professional compliance assessment.