Skip to Main Content

NIST Functions for Information Security Initiatives

The future state security initiatives are designed to address major technical and nontechnical challenges that hinder UCLA's overall cybersecurity maturity.

They are organized under the five functions of the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF). Organizing our initiatives under this framework offers guidelines on how to best enhance the maturity of our current cybersecurity posture, as well as better manage and reduce enterprise risk. 

Leadership support and buy-in, as well as collaboration with and among units, is required for the execution of initiatives tied to the five NIST functions. The result is a mature information security future state at UCLA.


magnifying glass icon


The Identify Function assists in developing an organizational understanding to managing cybersecurity risk to systems, people, assets, data, and capabilities. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs.



shield icon


The Protect Function outlines appropriate safeguards to ensure delivery of critical infrastructure services. The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event.



exclamation point icon


The Detect Function defines the appropriate activities to identify the occurrence of a cybersecurity event. The Detect Function enables timely discovery of cybersecurity events.




gear icon


The Respond Function includes appropriate activities to take action regarding a detected cybersecurity incident. The Respond Function supports the ability to contain the impact of a potential cybersecurity incident.



wrench icon


The Recover Function identifies appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident. The Recover Function supports timely recovery to normal operations to reduce the impact from a cybersecurity incident.