The NIST Cybersecurity Framework document was produced as a list of standards and procedures used to better prioritize the issues of cybersecurity risks, adapting ways to better prevent these risks and innovate systems to enhance the requirement of cybersecurity within an organization. The NIST Cybersecurity Framework is a more inexpensive way to ensure management of cybersecurity risks for an organization or business. There are many benefits that organizations can gain from following the NIST Framework and its procedures, such as a flexibility. Flexibility is a benefit because the Framework is adaptable to many of the organizations distinctive systems and risks. From the NIST Cybersecurity Framework, it is said that organizations are benefited from the use of the guidelines by “increasing customer confidence, enabling more standardized sharing of information, and simplifying operations across legal regimes” (Page 2). Another benefit from the NIST Framework is that the guidelines will not replace an organizations existing risk management process but rather enhance the current pattern that the organization has already established, giving the opportunity to pick and choose which procedure would best fit within the organizations current system due to its high adaptability. The NIST Cybersecurity Framework also benefits organizations greatly by enabling the ability to efficiently detect, prevent, and manage cybersecurity risks.

For my future workplace, I would use the Cybersecurity Framework as a reference to building a better cybersecurity system. Since organizations are constantly expanding with better security processes, I am sure that there will already be an existing system already in place by the time I am employed. I however, would contribute constant improvements from the Cybersecurity Framework into my place of employment to better ensure that there is a flexible and strong cybersecurity risk management system in place as threats become more dynamic over time. I would also use the Cybersecurity framework to prevent, detect, and assess cybersecurity risks and develop strategies to improve these three categories. I would also use the Framework to ensure privacy and civil liberties are protected when a limited amount of personal information is conducted and used.