Mapping: Nexus SecOps ↔ NIST CSF 2.0¶

This document maps Nexus SecOps benchmark controls to NIST Cybersecurity Framework 2.0 subcategories. Use this mapping to demonstrate how Nexus SecOps controls satisfy CSF 2.0 requirements, or to identify Nexus SecOps controls that address specific CSF gaps.

NIST CSF 2.0 Functions: GV (Govern), ID (Identify), PR (Protect), DE (Detect), RS (Respond), RC (Recover)

GV — Govern¶

CSF 2.0 Subcategory	Description	Nexus SecOps Controls
GV.OC-01	Organizational mission and objectives	Nexus SecOps-201, Nexus SecOps-202
GV.OC-04	Organizational objectives, stakeholders communicated	Nexus SecOps-201, Nexus SecOps-211
GV.OC-05	Outcomes, capabilities, services for supply chain	Nexus SecOps-204
GV.RM-01	Risk management objectives established	Nexus SecOps-201, Nexus SecOps-209
GV.RM-02	Risk appetite and tolerance	Nexus SecOps-201, Nexus SecOps-207
GV.RM-04	Strategic direction for risk management	Nexus SecOps-201, Nexus SecOps-207
GV.RM-06	Risk management process is established	Nexus SecOps-207, Nexus SecOps-208
GV.RM-07	Risk management overseen by senior leaders	Nexus SecOps-201, Nexus SecOps-211
GV.PO-01	Organizational cybersecurity policy established	Nexus SecOps-201
GV.PO-02	Cybersecurity roles and responsibilities assigned	Nexus SecOps-203, Nexus SecOps-205
GV.AT-01	Security awareness training provided	Nexus SecOps-206, Nexus SecOps-220
GV.AT-02	Personnel trained in roles and responsibilities	Nexus SecOps-206, Nexus SecOps-061
GV.OV-01	Cybersecurity risk management review	Nexus SecOps-207, Nexus SecOps-210
GV.OV-02	Cybersecurity risk updated with lessons learned	Nexus SecOps-072, Nexus SecOps-220
GV.SC-01	Supply chain cybersecurity established	Nexus SecOps-204
GV.SC-03	Supplier practices evaluated	Nexus SecOps-204

ID — Identify¶

CSF 2.0 Subcategory	Description	Nexus SecOps Controls
ID.AM-01	Software asset inventory	Nexus SecOps-001, Nexus SecOps-151
ID.AM-02	Hardware asset inventory	Nexus SecOps-001, Nexus SecOps-136
ID.AM-04	External information systems cataloged	Nexus SecOps-001, Nexus SecOps-204
ID.AM-05	Resources prioritized by classification	Nexus SecOps-030, Nexus SecOps-207
ID.AM-07	Inventories of data and corresponding metadata	Nexus SecOps-027, Nexus SecOps-030
ID.AM-08	Systems, hardware, software, services, data managed	Nexus SecOps-001, Nexus SecOps-015
ID.RA-01	Asset vulnerabilities identified	Nexus SecOps-151, Nexus SecOps-152
ID.RA-02	Threat and vulnerability information received	Nexus SecOps-081, Nexus SecOps-082
ID.RA-03	Threats identified and documented	Nexus SecOps-081, Nexus SecOps-089
ID.RA-04	Potential business impacts and likelihoods identified	Nexus SecOps-207, Nexus SecOps-208
ID.RA-05	Threats, vulnerabilities, likelihoods, impacts prioritized	Nexus SecOps-207, Nexus SecOps-087
ID.RA-06	Risk responses identified, prioritized, planned	Nexus SecOps-207, Nexus SecOps-208
ID.RA-07	Changes identified and assessed	Nexus SecOps-202, Nexus SecOps-203
ID.IM-01	Improvements identified	Nexus SecOps-220, Nexus SecOps-072
ID.IM-02	Effective security practices shared	Nexus SecOps-088, Nexus SecOps-220

PR — Protect¶

CSF 2.0 Subcategory	Description	Nexus SecOps Controls
PR.AA-01	Identities and credentials managed	Nexus SecOps-111, Nexus SecOps-112
PR.AA-02	Identities proofed and bound to credentials	Nexus SecOps-111, Nexus SecOps-113
PR.AA-03	Users authenticated	Nexus SecOps-111, Nexus SecOps-113
PR.AA-05	Access permissions managed	Nexus SecOps-111, Nexus SecOps-114
PR.AA-06	Physical access managed	Nexus SecOps-213
PR.AT-01	Workforce trained	Nexus SecOps-061, Nexus SecOps-206
PR.DS-01	Data at rest protected	Nexus SecOps-005, Nexus SecOps-215
PR.DS-02	Data in transit protected	Nexus SecOps-003, Nexus SecOps-215
PR.DS-07	Development and testing environments separate	Nexus SecOps-202
PR.DS-08	Integrity checking mechanisms used	Nexus SecOps-005, Nexus SecOps-023
PR.IR-01	Networks and environments protected	Nexus SecOps-121, Nexus SecOps-137
PR.IR-02	Technologies designed and managed for security	Nexus SecOps-202, Nexus SecOps-204
PR.PS-01	Configurations established and maintained	Nexus SecOps-136, Nexus SecOps-137
PR.PS-02	Software maintained	Nexus SecOps-151, Nexus SecOps-153
PR.PS-03	Computer hardware maintained	Nexus SecOps-136, Nexus SecOps-151
PR.PS-04	Logs collected	Nexus SecOps-001 through Nexus SecOps-015

DE — Detect¶

CSF 2.0 Subcategory	Description	Nexus SecOps Controls
DE.CM-01	Networks monitored	Nexus SecOps-001, Nexus SecOps-008, Nexus SecOps-013
DE.CM-02	Physical environment monitored	Nexus SecOps-213
DE.CM-03	Personnel activity monitored	Nexus SecOps-049, Nexus SecOps-119, Nexus SecOps-120
DE.CM-06	External service provider activities monitored	Nexus SecOps-204, Nexus SecOps-008
DE.CM-09	Computing hardware and software monitored	Nexus SecOps-010, Nexus SecOps-136, Nexus SecOps-140
DE.AE-02	Anomalous, potentially adversarial activity analyzed	Nexus SecOps-031, Nexus SecOps-044, Nexus SecOps-051
DE.AE-03	Event data aggregated and correlated	Nexus SecOps-015, Nexus SecOps-046, Nexus SecOps-064
DE.AE-04	Estimated impact and scope determined	Nexus SecOps-051, Nexus SecOps-066, Nexus SecOps-067
DE.AE-06	Information shared with designated parties	Nexus SecOps-069, Nexus SecOps-088
DE.AE-07	Cyber threat intelligence is integrated	Nexus SecOps-083, Nexus SecOps-085, Nexus SecOps-093
DE.AE-08	Incidents declared and reported	Nexus SecOps-066, Nexus SecOps-067, Nexus SecOps-073

RS — Respond¶

CSF 2.0 Subcategory	Description	Nexus SecOps Controls
RS.MA-01	Incident response executed	Nexus SecOps-066, Nexus SecOps-070
RS.MA-02	Incident reports triaged	Nexus SecOps-051, Nexus SecOps-053, Nexus SecOps-067
RS.MA-03	Incidents categorized and escalated	Nexus SecOps-056, Nexus SecOps-067, Nexus SecOps-068
RS.MA-04	Incidents responded to	Nexus SecOps-070, Nexus SecOps-096, Nexus SecOps-097
RS.MA-05	Criteria for escalation established	Nexus SecOps-056, Nexus SecOps-066
RS.AN-03	Analysis performed to establish what occurred	Nexus SecOps-058, Nexus SecOps-064, Nexus SecOps-065
RS.AN-06	Actions taken collected	Nexus SecOps-071, Nexus SecOps-102
RS.AN-07	Cause of the incident estimated	Nexus SecOps-058, Nexus SecOps-072
RS.AN-08	Magnitude of the incident understood	Nexus SecOps-066, Nexus SecOps-067
RS.CO-02	Internal and external stakeholders notified	Nexus SecOps-069, Nexus SecOps-073
RS.CO-03	Information shared with designated parties	Nexus SecOps-069, Nexus SecOps-088
RS.MI-01	Incidents contained	Nexus SecOps-070, Nexus SecOps-106, Nexus SecOps-137
RS.MI-02	Incidents eradicated	Nexus SecOps-070, Nexus SecOps-080

RC — Recover¶

CSF 2.0 Subcategory	Description	Nexus SecOps Controls
RC.RP-01	Recovery plan executed during or after incident	Nexus SecOps-066, Nexus SecOps-080
RC.RP-03	Recovery activities prioritized	Nexus SecOps-066, Nexus SecOps-207
RC.RP-04	Criteria for restoring operations defined	Nexus SecOps-080
RC.RP-05	Recovery actions selected	Nexus SecOps-066, Nexus SecOps-080
RC.CO-03	Recovery activities communicated	Nexus SecOps-069, Nexus SecOps-079
RC.CO-04	Public updates on recovery	Nexus SecOps-069

Coverage Summary¶

CSF Function	CSF Subcategories	Nexus SecOps Controls Addressing
Govern (GV)	15	Nexus SecOps-201–220 (GOV domain)
Identify (ID)	15	Nexus SecOps-001, 027, 081, 151, 207 (TEL, CTI, VUL, GOV)
Protect (PR)	16	Nexus SecOps-003, 005, 111, 121, 136, 151, 206
Detect (DE)	11	Nexus SecOps-001–050 (TEL, DQN, DET domains)
Respond (RS)	13	Nexus SecOps-051–110 (TRI, INC, AUT domains)
Recover (RC)	6	Nexus SecOps-066, 069, 080 (INC domain)

Overall Nexus SecOps → NIST CSF 2.0 alignment: High. All six CSF functions are addressed. The TEL, DET, and INC domains provide the deepest coverage for DE, RS, and RC functions respectively.

See Controls Catalog for full control definitions. See Mapping: MITRE ATT&CK for threat-centric coverage.