From the readings of pages 1 – 21 of the NIST Cybersecurity Framework, I believe the benefit of utilizing the NIST that organizations can gain from is, ultimately an opportunity to provide a structured and systematic approach to managing cybersecurity risks. Furthermore, the NIST Cybersecurity Framework is capable of being tailored to an organizations goal of strengthening their cybersecurity practices, in order to deliver uninterrupted operations to its customers. It’s important to note however, this benefit is dependent upon the organizations risk assessment to their cybersecurity management, which can be accomplished through the Framework’s Core, Implementation Tiers, and Profiles. These three parts reinforce the connection between an organizations mission and its cybersecurity activities (Framework for Improving Critical Infrastructure Cybersecurity, 2018). As a result, an organization can strengthen their cybersecurity needs and effectively implement and understand the best practices within their organizations cybersecurity program.

I would use the NIST Cybersecurity Framework basics of Framework Core, Implementation Tiers, and Framework Profile in that order, and as mentioned above at my future workplace. By using the NIST Cybersecurity Framework basics, a baseline risk assessment can be established, followed by the Framework’s Core elements of functions: identify, protect, detect, respond, and recover to target outcomes for the organization. Furthermore, the Implementation Tiers will prioritize the outcomes from the Framework Core and lastly, the Framework Profile will provide a clear scope for the organization in implementing cybersecurity risk management.

Reference:
Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1. (2018). https://doi.org/10.6028/nist.cswp.04162018