NIST Cybersecurity Framework (CSF) 2.0
RESPOND (RS): Actions regarding a detected cybersecurity incident are taken
Categories
Incident Management (RS.MA):
Responses to detected cybersecurity incidents are managed
Incident Analysis (RS.AN):
Investigations are conducted to ensure effective response and support forensics and recovery activities
Incident Response Reporting and Communication (RS.CO):
Response activities are coordinated with internal and external stakeholders as required by laws, regulations, or policies
Incident Mitigation (RS.MI):
Activities are performed to prevent expansion of an event and mitigate its effects
Response Planning (RS.RP):
[Withdrawn: Incorporated into RS.MA]
Improvements (RS.IM):
[Withdrawn: Incorporated into ID.IM]