Cyber-Security Framework: Protect

The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event.


Appropriate safeguards in place to ensure delivery of critical infrastructure services.

  • Protections for Identity Management and Access Control within the organization including physical and remote access
  • Empowering staff within the organization through Awareness and Training including role based and privileged user training
  • Establishing Data Security protection consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information
  • Implementing Information Protection Processes and Procedures to maintain and manage the protections of information systems and assets
  • Protecting organizational resources through Maintenance, including remote maintenance, activities
  • Managing Protective Technology to ensure the security and resilience of systems and assets are consistent with organizational policies, procedures, and agreements
Benefit to Business
  • Provides real protection against threats
  • Provides visibility into critical security events
  • Correlates data from many sources to identify Patient Zero
  • Managed Detection and Response to Security Events
  • Human and AI analytics to reduce false positives