A set of rules and guidelines presented by the National Institute of Standards and Technology (NIST) which allows businesses to integrate information security and risk management and respond to security incidents faster.