This document discusses the National Institute of Standards and Technology's Cybersecurity Framework. It begins by defining cyber security and information security. It then explains that the Framework was created through a collaborative process between the private sector and government to provide a common language for managing cybersecurity risks. The Framework includes functions for identifying, protecting, detecting, responding to and recovering from cybersecurity events. It also establishes tiers to assess approaches to cyber risk management. The document urges organizations to adopt the Framework to improve cybersecurity practices and facilitate information sharing.