Organizations stand to gain significantly from using the National Institute of Standards and Technology (NIST) Framework, as it identifies the most cost-effective approaches to help organizations designated as critical infrastructure for the United States. This framework offers not only a flexible but also a performance-based response that can be adopted by owners to address cyber risks. With the Framework, organizations can improve their existing risk management processes or create new ones based on it. In a future workplace, I would use the Framework as a guide to first develop a risk management process. After establishing a process based on the Framework, I would then use the elements of the Framework Core to continue building a flexible risk management system capable of responding to a wide variety of cyber threats.