Essay: Identify, Protect, Detect, Respond, Recover


Thursday, 30 September 2021

Introduction

The sole job of Cybersecurity is to identify and mitigate risk. Cybersecurity does not accept risk at all; instead, we bring it to a level acceptable to upper management. To identify and mitigate risk, however, we must follow a set of guidelines that help protect our systems and networks. Fortunately, NIST has developed the Cybersecurity Framework, which sets a standard and describes the appropriate steps for developing a well-organized cybersecurity program.

The Five Functions

The five functions consist of identification, protection, detection, response, and recovery.

The very first of the five functions is to identify the assets you are protecting. How can you protect something you do not know exists? In addition to finding what you can protect, you must also know the purpose and responsibilities of each asset, how it works with other assets in the network or system, and the potential risks attributed to that asset. Along with physical objects such as servers, desktops, and firewalls, assets may also include digital information such as data on a hard drive. A business should identify not only its assets, but also where it stands in the supply chain. All this information is essential to developing a risk management plan.

The second of the five functions is to protect your assets. Your most important responsibility is keeping your systems safe. One way this can be achieved is through confidentiality, integrity, and availability. Confidentiality allows only the authorized parties to view the information. The easiest way to manage this is by assigning read-write-execute permissions: you should authorize only the intended parties with read and/or write permissions. Integrity ensures the data is left untampered and unmanipulated by external factors. Using cryptographic hashes (comparing the hashes of the data) is one way to ensure the integrity of the information. Availability ensures the data is readily accessible and viewable by the authorized individuals and parties. Data loss and an unmanageable infrastructure both negatively affect the availability of your data. It is also important that your systems be easily maintainable, whether you maintain them directly or from a remote place. The confidentiality, integrity, and availability of your data, as well as maintainability and reliable policies and procedures, are important in protecting your assets.
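One way to apply the hash comparison and permission checks described above, as an added example that is not part of the original essay. It records a baseline of SHA-256 digests and permission bits, then reports drift; the file names and the demo tree are constructed, and a POSIX filesystem is assumed.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path

def snapshot(root):
    """Map each regular file under root to (SHA-256 hex digest, permission bits)."""
    result = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and not path.is_symlink():
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            mode = stat.S_IMODE(path.stat().st_mode)
            result[str(path.relative_to(root))] = (digest, mode)
    return result

def compare(baseline, current):
    """Return a sorted list of (file, finding) describing drift from the baseline."""
    findings = []
    for name, (digest, mode) in current.items():
        if mode & stat.S_IWOTH:          # any user on the host may write the file
            findings.append((name, "world-writable"))
        if name not in baseline:
            findings.append((name, "added"))
            continue
        if digest != baseline[name][0]:  # integrity: the content no longer matches
            findings.append((name, "content changed"))
        if mode != baseline[name][1]:    # confidentiality: access rights drifted
            findings.append((name, "permissions changed"))
    for name in baseline.keys() - current.keys():
        findings.append((name, "missing"))
    return sorted(findings)

def demo():
    """Constructed sample: build a tree, record a baseline, tamper, re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "payroll.csv").write_text("alice,5000\n")
        (root / "policy.txt").write_text("v1\n")
        os.chmod(root / "payroll.csv", 0o640)
        os.chmod(root / "policy.txt", 0o644)
        baseline = snapshot(root)
        (root / "payroll.csv").write_text("alice,9000\n")  # content tampering
        os.chmod(root / "policy.txt", 0o666)               # permissions widened
        (root / "notes.txt").write_text("unexpected file\n")
        os.chmod(root / "notes.txt", 0o600)
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    for name, finding in demo():
        print(f"{name}: {finding}")
```

The comparison is only as trustworthy as the baseline, so the baseline should be stored where the monitored system cannot modify it.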

Detect is the third of the five functions. Your organization should be able to detect any events and incidents that could lead to a severe and destructive impact. Any anomalies and events must be acknowledged, along with their severity and impact. The effectiveness of protection should also be evaluated. Organizations are advised to monitor for these anomalies and events to maintain the stability of the infrastructure.

Furthermore, cybersecurity should be able to respond to a cyber event or incident and should try to prevent and contain as much damage as possible. As Mike Tyson said: "Everybody has a plan until they get punched in the mouth." This also applies to Cybersecurity: you must have a plan developed before an incident occurs. An incident response plan describes what has to be done in the event of an incident. The impact of the incident must also be noted in order to take proper action. In addition, a business should respond by communicating effectively with its stakeholders. As these incidents are detected and responded to, the organization, as well as other organizations and companies, should always learn from them to prevent them from occurring in the future.

After an incident has been detected and responded to, an organization should figure out how to recover from it. The infrastructure should be as resilient as possible to various cybersecurity incidents and be brought back up to normal operations as quickly as possible. As with a response plan, it is optimal to have a recovery plan ready for a speedy recovery. Effective communication within and outside your organization is also absolutely crucial as you are recovering. From your recovery, your organization can review its risk management, incident response, and recovery plans, as well as how well it follows the Five Functions of the Cybersecurity Framework.

Conclusion

Generally speaking, the Five Functions of NIST's Cybersecurity Framework are key to maintaining and organizing a cybersecurity program. They provide the five crucial aspects of cybersecurity and of maintaining your organization. From identifying potential threats to recovering from a data breach, these guidelines will help assess the security of your organization. No matter the size, the Cybersecurity Framework will always fit and better prepare your organization and business.