A Guide to Creating Community Profiles

Since the NIST Cybersecurity Framework (CSF) was first released in 2014, the CSF has been used by communities with shared interests in cybersecurity risk management. They developed what CSF 2.0 terms “Community Profiles” to describe the ways various organizations have used CSF Profiles to develop cybersecurity risk management guidance that applies to multiple organizations, as well as to differentiate them from Organizational Profiles that are not shared publicly. A Community Profile can be thought of as guidance for a specific community that is organized around the common taxonomy of the CSF. 

Considerations for developing CSF 2.0 Community Profiles

The guide describes Community Profiles, provides a template and guidance for the content that may be conveyed through a Community Profile, and offers a Community Profile Lifecycle (Plan, Develop, Use, Maintain). Communities can build on the ideas in this guide to create a Community Profile that supports their needs where they share common priorities.

Join the Community of Interest

Employee speaking on video call with colleagues on online briefing with laptop at home

A Community of Interest (COI) is a group of professionals and advisors who share business insights, technical expertise, challenges, and perspectives to guide NCCoE projects. COIs often include experts, innovators, and everyday users of cybersecurity and privacy technologies. Share your expertise and consider becoming a member of this project's COI. 

Tell us about yourself

First & Last Name