Cisco Security Portfolio Mapping to NIST CSF 2.0 Solution Guide

Updated: April 17, 2025


The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) was initially developed to provide organizations with a comprehensive, yet flexible, approach to managing and mitigating cybersecurity risks. It serves as a foundational guide for improving cybersecurity practices, offering a structured framework that is both cost-effective and adaptable to various industries and organization sizes. The NIST CSF is built around five core functions: IDENTIFY, PROTECT, DETECT, RESPOND, and RECOVER, which together create a holistic view of an organization’s cybersecurity posture.

Updated in February 2024, NIST CSF 2.0 reflects the evolving cybersecurity landscape. This latest version retains the core principles of the original framework while incorporating new insights and addressing emerging threats and technologies, including increased emphasis on supply chain risk management and the integration of cybersecurity with broader enterprise risk management. It aims to foster communication across organizations and sectors, making it applicable to businesses of all sizes and types.

This Solution Guide provides a detailed mapping of the Cisco Security portfolio to NIST CSF 2.0, showcasing how Cisco’s security solutions align with the framework’s core functions. By utilizing this guide, organizations can enhance their cybersecurity posture and streamline risk management, ensuring alignment with industry best practices.

Figure 1: “Cisco Capability mapping to NIST CSF 2.0” shows the alignment of the Cisco Security portfolio with the NIST CSF 2.0 framework. This table serves as a valuable resource for understanding how Cisco’s security solutions support each function and category of the framework, enabling organizations to strategically integrate these capabilities into their cybersecurity strategies for enhanced risk management and compliance.

This Solution Guide takes an additional step by mapping the categories of NIST CSF 2.0 to other significant frameworks used in both the United States and Europe, including NIST 800-53, CIS Controls v8, ISO 27001:2022, CMMC 2.0, and MITRE ATT&CK, as well as the EU's DORA and NIS2. This enables you to cross-reference and align the Cisco Security portfolio with these frameworks, facilitating a comprehensive understanding and application across different regulatory and security standards.

Referencing Figure 1: Cisco Capability mapping to NIST CSF 2.0 in this section and the sections below will allow you to see where the other frameworks match NIST CSF 2.0. This provides a direct mapping of the Cisco Security portfolio.

Figure 1. Cisco Capability mapping to NIST CSF 2.0

Below, you will find a list of these key frameworks, accompanied by a brief description and a link for further exploration:

NIST 800-53: This is a set of guidelines published by the NIST to provide a comprehensive catalog of security and privacy controls for federal information systems and organizations, aiming to protect organizational operations, assets, individuals, and the nation.

CIS Controls v8: The Center for Internet Security (CIS) Controls v8 is a prioritized set of best practices created to help organizations strengthen their cybersecurity posture. It provides specific, actionable ways to stop today’s most pervasive and dangerous attacks.

ISO 27001: ISO 27001 is an international standard that outlines the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS) to manage the security of assets such as financial information, intellectual property, employee details, or information entrusted by third parties.

CMMC: The Cybersecurity Maturity Model Certification (CMMC) is a framework designed by the U.S. Department of Defense to ensure that contractors have the necessary cybersecurity practices and processes in place to protect sensitive information, particularly within the defense industrial base.

MITRE ATT&CK: The MITRE ATT&CK framework is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations, used to help organizations understand, detect, and respond to cyber threats.

DORA: The Digital Operational Resilience Act (DORA) is a regulation by the European Union aimed at strengthening the IT security and operational resilience of financial institutions and service providers within the EU, ensuring they can withstand, respond to, and recover from all types of ICT-related disruptions and threats.

NIS2: The Network and Information Security Directive 2 (NIS2) is an EU directive aimed at enhancing the cybersecurity posture across the union by establishing measures for a high common level of cybersecurity for network and information systems across member states.

This is a substantial mapping exercise that follows the methodology outlined in NIST Internal Report (IR) 8477 “Mapping Relationships Between Documentary Standards, Regulations, Frameworks, and Guidelines”. NIST IR 8477 describes the NIST’s approach to mapping the elements of documentary standards, regulations, frameworks, and guidelines to a particular NIST publication (NIST CSF 2.0 in this instance).

Mapping NIST CSF 2.0 IDENTIFY to Other Frameworks

Below, you will find how NIST CSF 2.0 IDENTIFY categories – ID.AM (Asset Management), ID.RA (Risk Assessment), and ID.IM (Information Management) – correspond to specific categories or controls in the frameworks mentioned.

Note: The mappings are based on conceptual alignment between the frameworks as per NIST IR 8477 methodology.

Cybersecurity Framework | ID.AM (Asset Management) Alignment
NIST 800-53 Rev 5 | CM-8, PM-5, CA-9, CM-2, CM-9
CIS Controls v8 | Control 1, Control 2
ISO 27001:2022 | 5.9, 5.10, 5.11, 8.1
CMMC 2.0 | AC.L1-3.1.20, CM.L2-3.4.1, CM.L2-3.4.2, CM.L2-3.4.3
MITRE ATT&CK | TA0001, TA0007
DORA | Article 6, Article 11, Article 28
NIS2 | Article 21, Annex I - Section 2(a)

Cybersecurity Framework | ID.RA (Risk Assessment) Alignment
NIST 800-53 Rev 5 | RA-1, RA-2, RA-3, RA-5, PM-15, PM-16
CIS Controls v8 | Control 4, Control 7, Control 10, Control 13
ISO 27001:2022 | 6.1, 6.1.2, 6.1.3, 8.7, 8.8
CMMC 2.0 | RM.L1-3.11.1, RM.L2-3.11.2, RM.L2-3.11.3
MITRE ATT&CK | TA0043, TA0042, TA0001
DORA | Article 6, Article 7, Article 8, Article 13
NIS2 | Article 21, Annex I - Section 2(b), Annex I - Section 2(c), Annex I - Section 2(d)

Cybersecurity Framework | ID.IM (Improvement) Alignment
NIST 800-53 Rev 5 | CA-1, CA-2, CA-5, CA-7, PM-6
CIS Controls v8 | Control 8, Control 17, Control 18
ISO 27001:2022 | 9.1, 9.2, 9.3, 10.1, 10.2
CMMC 2.0 | CA.L2-3.12.1, CA.L2-3.12.2, CA.L2-3.12.3, CA.L2-3.12.4
DORA | Article 6(6), Article 29, Article 30
NIS2 | Article 21(2), Annex I - Section 2(f), Annex I - Section 2(g)

Mapping NIST CSF 2.0 PROTECT to Other Frameworks

Below, you will find how NIST CSF 2.0 PROTECT categories – PR.AA (Identity Management, Authentication, and Access Control), PR.AT (Awareness and Training), PR.DS (Data Security), PR.PS (Protective Technology), and PR.IR (Technology Infrastructure Resilience) – correspond to specific categories or controls in the mentioned frameworks.

Note: The mappings are based on conceptual alignment between the frameworks as per NIST IR 8477 methodology.

Cybersecurity Framework | PR.AA (Identity Management, Authentication, and Access Control) Alignment
NIST 800-53 Rev 5 | AC-1, AC-2, AC-3, AC-6, AC-17, IA-2, IA-4, IA-5, PE-2, PE-3
CIS Controls v8 | Control 5, Control 6, Control 12
ISO 27001:2022 | 5.15, 5.16, 5.17, 5.18, 8.2, 8.3, 8.4
CMMC 2.0 | AC.L1-3.1.1, AC.L1-3.1.2, AC.L2-3.1.3, AC.L2-3.1.4, AC.L2-3.1.5, IA.L2-3.5.1, IA.L2-3.5.2, IA.L2-3.5.3, PE.L2-3.10.1
MITRE ATT&CK | TA0001, TA0006, TA0004, TA0005, TA0008
DORA | Article 16, Article 18, Article 20
NIS2 | Article 21, Annex I - Section 2(a), Annex I - Section 2(e)

Cybersecurity Framework | PR.AT (Awareness and Training) Alignment
NIST 800-53 Rev 5 | AT-1, AT-2, AT-3, AT-4, PM-13
CIS Controls v8 | Control 14
ISO 27001:2022 | 7.2, 7.3, 8.5
CMMC 2.0 | AT.L1-3.2.1, AT.L2-3.2.2, AT.L2-3.2.3
DORA | Article 13(3), Article 16(2)
NIS2 | Article 21(2)(d), Annex I - Section 2(g)

Cybersecurity Framework | PR.DS (Data Security) Alignment
NIST 800-53 Rev 5 | MP-2, MP-4, MP-5, MP-6, SC-8, SC-12, SC-13, SC-28, SI-7
CIS Controls v8 | Control 3, Control 11, Control 16
ISO 27001:2022 | 5.12, 5.13, 5.14, 8.9, 8.10, 8.11, 8.24
CMMC 2.0 | MP.L1-3.8.1, MP.L1-3.8.2, MP.L2-3.8.4, MP.L2-3.8.5, MP.L2-3.8.6, MP.L2-3.8.7, MP.L2-3.8.8, SC.L1-3.13.1, SC.L1-3.13.5, SC.L2-3.13.8, SC.L2-3.13.11
MITRE ATT&CK | TA0009, TA0010, TA0040
DORA | Article 11, Article 16, Article 17
NIS2 | Article 21, Annex I - Section 2(a), Annex I - Section 2(c)

Cybersecurity Framework | PR.PS (Protective Security) Alignment
NIST 800-53 Rev 5 | CM-3, CM-5, CM-7, CM-10, CM-11, SA-3, SA-8, SA-10, SA-11, SA-15
CIS Controls v8 | Control 2, Control 4, Control 16
ISO 27001:2022 | 8.9, 8.25, 8.26, 8.27, 8.28, 8.29, 8.30, 8.31
CMMC 2.0 | CM.L2-3.4.5, CM.L2-3.4.6, CM.L2-3.4.7, CM.L2-3.4.8, CM.L2-3.4.9
MITRE ATT&CK | TA0005, TA0003, TA0002
DORA | Article 16, Article 19, Article 22
NIS2 | Article 21, Annex I - Section 2(e)

Cybersecurity Framework | PR.IR (Technology Infrastructure Resilience) Alignment
NIST 800-53 Rev 5 | CP-2, CP-7, CP-8, CP-9, CP-10, PE-9, PE-10, PE-11, PE-13, PE-14, PE-15, SC-5, SC-6
CIS Controls v8 | Control 11, Control 12, Control 13
ISO 27001:2022 | 8.4, 8.10, 8.11, 8.12, 8.16, 8.17, 8.22
CMMC 2.0 | CP.L2-3.8.5, CP.L2-3.8.6, CP.L2-3.8.7, CP.L2-3.8.8, CP.L2-3.8.9, PE.L2-3.10.2, PE.L2-3.10.3, PE.L2-3.10.4, PE.L2-3.10.6
MITRE ATT&CK | TA0040, TA0011
DORA | Article 11, Article 17, Article 28
NIS2 | Article 21, Annex I - Section 2(c), Annex I - Section 2(e)

Mapping NIST CSF 2.0 DETECT to Other Frameworks

Below, you will find how NIST CSF 2.0 DETECT categories – DE.CM (Security Continuous Monitoring) and DE.AE (Anomalies and Events) – correspond to specific categories or controls in the mentioned frameworks.

Note: The mappings are based on conceptual alignment between the frameworks as per NIST IR 8477 methodology.

Cybersecurity Framework | DE.CM (Security Continuous Monitoring) Alignment
NIST 800-53 Rev 5 | AU-2, AU-6, AU-12, CA-7, CM-3, CM-6, RA-5, SC-5, SC-7, SI-4, SI-5
CIS Controls v8 | Control 7, Control 8, Control 9, Control 10, Control 13
ISO 27001:2022 | 8.12, 8.13, 8.14, 8.15, 8.16, 8.17, 8.22, 8.23
CMMC 2.0 | AU.L2-3.3.1, AU.L2-3.3.2, AU.L2-3.3.3, AU.L2-3.3.4, AU.L2-3.3.5, AU.L2-3.3.6, AU.L2-3.3.7, CA.L2-3.12.1, CA.L2-3.12.3, SI.L2-3.14.6, SI.L2-3.14.7
MITRE ATT&CK | TA0011, TA0008, TA0010, TA0009
DORA | Article 13, Article 16, Article 19, Article 21
NIS2 | Article 21, Annex I - Section 2(a), Annex I - Section 2(b), Annex I - Section 2(f)

Cybersecurity Framework | DE.AE (Anomalies and Events) Alignment
NIST 800-53 Rev 5 | AU-6, CA-7, IR-4, IR-5, IR-8, SI-4, SI-12
CIS Controls v8 | Control 8, Control 13, Control 17
ISO 27001:2022 | 8.12, 8.13, 8.16, 8.17, 8.18, 8.19, 8.20, 8.21
CMMC 2.0 | AU.L2-3.3.4, AU.L2-3.3.5, IR.L2-3.6.1, IR.L2-3.6.2, IR.L2-3.6.3, SI.L2-3.14.3, SI.L2-3.14.4, SI.L2-3.14.6
MITRE ATT&CK | TA0005, TA0003, TA0004, TA0040
DORA | Article 13, Article 16, Article 19, Article 21, Article 22
NIS2 | Article 21, Annex I - Section 2(a), Annex I - Section 2(b), Annex I - Section 2(f)

Mapping NIST CSF 2.0 RESPOND to Other Frameworks

Below, you will find how NIST CSF 2.0 RESPOND categories – RS.MA (Incident Response Management), RS.AN (Incident Analysis), RS.CO (Communications), and RS.MI (Mitigation) – correspond to specific categories or controls in the mentioned frameworks.

Note: The mappings are based on conceptual alignment between the frameworks as per NIST IR 8477 methodology.

Cybersecurity Framework | RS.MA (Incident Response Management) Alignment
NIST 800-53 Rev 5 | IR-3, IR-4, IR-8, IR-9, PM-15
CIS Controls v8 | Control 17
ISO 27001:2022 | 8.18, 8.19, 8.20, 8.21, 8.36
CMMC 2.0 | IR.L2-3.6.1, IR.L2-3.6.2, IR.L2-3.6.3
DORA | Article 19, Article 20, Article 21
NIS2 | Article 21, Article 23, Annex I - Section 2(b)

Cybersecurity Framework | RS.AN (Incident Analysis) Alignment
NIST 800-53 Rev 5 | AU-6, CP-2, IR-4, IR-5, RA-3, SI-4, SI-5
CIS Controls v8 | Control 8, Control 13, Control 17
ISO 27001:2022 | 8.12, 8.13, 8.18, 8.19, 8.20, 8.36
CMMC 2.0 | AU.L2-3.3.4, AU.L2-3.3.5, IR.L2-3.6.1, IR.L2-3.6.2
MITRE ATT&CK | TA0001, TA0002, TA0003, TA0004, TA0005
DORA | Article 13, Article 19, Article 20
NIS2 | Article 21, Article 23, Annex I - Section 2(b)

Cybersecurity Framework | RS.CO (Communications) Alignment
NIST 800-53 Rev 5 | CP-2, CP-3, IR-4, IR-6, IR-8, IR-10
CIS Controls v8 | Control 17
ISO 27001:2022 | 8.18, 8.19, 8.20, 8.21, 8.36, 8.37
CMMC 2.0 | IR.L2-3.6.1, IR.L2-3.6.2, IR.L2-3.6.3
DORA | Article 19, Article 20, Article 24, Article 25
NIS2 | Article 23, Article 24, Annex I - Section 2(b)

Cybersecurity Framework | RS.MI (Mitigation) Alignment
NIST 800-53 Rev 5 | IR-4, IR-5, IR-9, SC-7, SI-3, SI-4, SI-7
CIS Controls v8 | Control 10, Control 13, Control 17
ISO 27001:2022 | 8.16, 8.18, 8.20, 8.21, 8.22, 8.23
CMMC 2.0 | IR.L2-3.6.1, IR.L2-3.6.2, SI.L2-3.14.1, SI.L2-3.14.2, SI.L2-3.14.5
MITRE ATT&CK | TA0011, TA0010, TA0040, TA0008
DORA | Article 13, Article 19, Article 20, Article 21
NIS2 | Article 21, Annex I - Section 2(b), Annex I - Section 2(d)

Mapping NIST CSF 2.0 RECOVER to Other Frameworks

Below, you will find how NIST CSF 2.0 RECOVER categories – RC.RP (Incident Recovery Plan Execution) and RC.CO (Incident Recovery Communication) – correspond to specific categories or controls in the mentioned frameworks.

Note: The mappings are based on conceptual alignment between the frameworks as per NIST IR 8477 methodology.

Cybersecurity Framework | RC.RP (Incident Recovery Plan Execution) Alignment
NIST 800-53 Rev 5 | CP-2, CP-4, CP-6, CP-7, CP-8, CP-9, CP-10, IR-4, IR-8, SA-8
CIS Controls v8 | Control 11, Control 17
ISO 27001:2022 | 8.21, 8.32, 8.33, 8.34, 8.35, 8.36
CMMC 2.0 | CP.L2-3.8.5, CP.L2-3.8.9, IR.L2-3.6.1, IR.L2-3.6.3
DORA | Article 11, Article 12, Article 14, Article 19, Article 21, Article 26
NIS2 | Article 21, Annex I - Section 2(b), Annex I - Section 2(c)

Cybersecurity Framework | RC.CO (Incident Recovery Communication) Alignment
NIST 800-53 Rev 5 | CP-2, CP-3, IR-4, IR-6, IR-8, PM-15
CIS Controls v8 | Control 17
ISO 27001:2022 | 8.21, 8.35, 8.36, 8.37, 5.2, 5.3
CMMC 2.0 | IR.L2-3.6.1, IR.L2-3.6.2, IR.L2-3.6.3
DORA | Article 14, Article 19, Article 20, Article 24, Article 25, Article 26
NIS2 | Article 23, Article 24, Annex I - Section 2(b), Annex I - Section 2(c)

Get Started

As noted above, this Solution Guide offers an in-depth mapping of Cisco’s Security portfolio to the NIST CSF 2.0, illustrating how Cisco’s offerings can assist organizations in aligning with this framework. By leveraging Cisco’s capabilities, businesses can bolster their cybersecurity posture, optimize risk management, and adhere to industry best practices.

Additionally, the Guide maps NIST CSF 2.0 to various well-known and utilized frameworks. This comprehensive approach helps organizations gain a holistic view of their security status across diverse regulatory and security standards.

To fully leverage the insights provided, we encourage you to conduct a thorough assessment of your current cybersecurity strategies and identify areas where Cisco’s solutions can be effectively integrated. Utilize the mappings to align your security posture with NIST CSF 2.0 and other relevant frameworks.

Engage with Cisco’s experts to explore tailored security solutions that meet your specific needs and ensure protection in the digital age.

Together, let’s build a secure and resilient future.

This cross-referencing empowers organizations to strategically address cybersecurity challenges on a global scale, enhancing resilience and adaptability in the face of emerging threats.

 
