Last week we went through a brief overview of the primary functions of the cybersecurity framework. This week we'll dive a bit deeper into the identify and protect functions. The activities and the identify function are really foundational for effectively utilizing the cybersecurity framework as a whole. It's critical to understand the business context, the resources that support critical business functions and the related cybersecurity risks that allow a business or organization to focus on and prioritize its efforts consistent with its risk management strategy and business needs. Some examples of outcome categories within this function include asset management, business, environment, governance, risk assessment and risk management strategy.

The PROTECT Function supports a business or organization's ability to limit or contain the impact of a potential cybersecurity event. Examples of outcome categories within this function include identity management and access control, awareness and training, data security information protection processes and procedures. Maintenance and protective technology.