Enhancing Organizational Cyber Resilience Through the NIST Cybersecurity Framework

Authors

  • Divine Ezeagwuna Independent Researcher, Canada Author

DOI:

https://doi.org/10.21590/

Keywords:

Organizational cyber resilience, NIST Cybersecurity Framework, cybersecurity governance, cyber risk management, business continuity, incident response, cybersecurity resilience, digital transformation, threat detection, information security

Abstract

Today’s cyber threats are greater than ever before, posing new threats to operational continuity, data security, and stakeholder trust for organizations. In today’s fast-paced digital transformation, cyber resilience has emerged as a strategic priority and is not just about cyber security, but also about governance, risk management, incident response and business recovery. The study compares and contrasts the NIST Cybersecurity Framework with other frameworks and models that offer a structured and risk-based approach to identifying, protecting, detecting, responding, and recovering from cybersecurity incidents and will explore its benefits to improving the cyber resilience of organizations. The paper summarizes the key pillars of the framework and discusses how they relate to organizational governance, continuity planning, security culture and continuous improvement. It also examines key issues that can affect the effective implementation of these, such as leadership support, employee awareness, third-party risk management, and the use of new technologies like AI to detect and respond to threats. The study identifies best practices that help organizations sustain operations and comply with regulations without compromising their cyber-resilience. It concludes that the NIST Cybersecurity Framework provides an expansive cybersecurity baseline for developing adaptive, resilient, and sustainable cybersecurity programs that can help reduce the impact of disruptions and meet long-term organizational goals. The results offer valuable practical guidance for organizational leaders, cybersecurity personnel, policy-makers and researchers on how to better improve cyber-resilience in the digital era that is growing more complex. 

References

Möller, D. P. (2023). NIST cybersecurity framework and MITRE cybersecurity criteria. In Guide to cybersecurity in digital transformation: Trends, methods, technologies, applications and best practices (pp. 231-271). Cham: Springer Nature Switzerland.

Aljumaiah, O., Jiang, W., Addula, S. R., & Almaiah, M. A. (2025). Analyzing cybersecurity risks and threats in IT infrastructure based on NIST framework. J. Cyber Secur. Risk Audit, 2025(2), 12-26.

AL-Hawamleh, A. (2024). Cyber resilience framework: Strengthening defenses and enhancing continuity in business security.

Luis Salas-Riega, J., Riega-Virú, Y., Ninaquispe-Soto, M., & Miguel Salas-Riega, J. (2025). Cybersecurity and the NIST Framework: A Systematic Review of its Implementation and Effectiveness Against Cyber Threats. International Journal of Advanced Computer Science & Applications, 16(6).

Edwards, J. (2024). A comprehensive guide to the NIST cybersecurity framework 2.0: Strategies, implementation, and best practice. John Wiley & Sons.

Cybersecurity, C. I. (2018). Framework for improving critical infrastructure cybersecurity. URL: https://nvlpubs. nist. gov/nistpubs/CSWP/NIST. CSWP, 4162018(7).

Rohan, R., Papasratorn, B., Chutimaskul, W., Hautamäki, J., Funilkul, S., & Pal, D. (2023, December). Enhancing cybersecurity resilience: A comprehensive analysis of human factors and security practices aligned with the NIST cybersecurity framework. In Proceedings of the 13th International Conference on Advances in Information Technology (pp. 1-16).

Belalcázar, A., Ron, M., Díaz, J., & Molinari, L. (2017, November). Towards a strategic resilience of applications through the NIST cybersecurity framework and the strategic alignment model (SAM). In 2017 International Conference on Information Systems and Computer Science (INCISCOS) (pp. 181-187). IEEE.

Annarelli, A., Clemente, S., Nonino, F., & Palombi, G. (2021, July). Effectiveness and adoption of NIST managerial practices for cyber resilience in Italy. In Intelligent Computing: Proceedings of the 2021 Computing Conference, Volume 3 (pp. 818-832). Cham: Springer International Publishing.

Kanaan, A., AL-Hawamleh, A., Aloun, M., Alorfi, A., & Alrawashdeh, M. A. (2024). Fortifying organizational cyber resilience: an integrated framework for business continuity and growth amidst escalating threat landscapes.

AL-Hawamleh, A. M. (2024). Securing the future: Framework fundamentals for cyber resilience in advancing organizations. Journal of System and Management Sciences, 14(10), 130-150.

Hiller, J. S., & Russell, R. S. (2015). Modalities for Cyber Security and Privacy Resilience: The NIST Approach. In ISCRAM.

Mohammed Alharbi, T. S. (2025). Cybersecurity governance and organizational resilience: A framework for sustainable risk management. EDPACS, 1-16.

Munusamy, T., Khodadadi, T., & Zamani, M. (2023). Enhancing Cyber Security in Organisations by Establishing Attributes Towards Achieving Cyber Resilience.

Pemmasani, P. K. (2023). National cybersecurity frameworks for critical infrastructure: Lessons from governmental cyber resilience initiatives. International Journal of Acta Informatica, 2(1), 209-218.

Al Kalach, N. (2025). AI-Driven Customer Relationship Management: Enhancing Salesforce Efficiency Through Predictive Analytics. International Journal of Advance Industrial Engineering, 13(01), 22-35.

Williams, M. O. (2023). Numerical Modelling of Reactive Transport in Geothermal Reservoirs for Long-Term Performance Prediction. International Journal of Environmental Sciences, 9(1s), 2023.

Al Kalach, N. (2025). Salesforce Security Architecture for Zero-Trust, Encryption & Compliance. Journal of Data Analysis and Critical Management, 1(04), 63-77.

Verma, A. CONTINUOUS THREAT EXPOSURE MANAGEMENT (CTEM) WITHIN SASE FRAMEWORKS.

Williams, M. O. (2024). DEVELOPMENT OF REACTIVE HEAT EXCHANGERS FOR ENHANCED GEOTHERMAL ENERGY RECOVERY. Power System Protection and Control, 52(2), 18-37.

Anifowose, K. (2025). Development and Validation of AI-Assisted Analytical Methods for Biochemical Compound Detection in Pharmaceutical Chemistry. Journal of Applied Pharmaceutical Sciences and Research, 8(4), 41-52.

Ravikumar, V. (2025). Therapeutic Bot: Ethical Concerns in AI therapy for Neurodivergence. J Int Scient Re Rep.

Mukherjee, C. (2026). AI-Based Detection of Deepfakes and Misinformation on Social Media. Euro Vantage journals of Artificial intelligence, 3(2), 9-30.

Das, P. K., Kashem, M. A., Ferdus, Z., & Islam, S. (2019, October). Development and application of a new computerized smell generating system. In 2019 Global Conference for Advancement in Technology (GCAT) (pp. 1-5). IEEE.

Ferdus, M. Z., Khan, M. N. I., Islam, S., & Kashem, M. A. (2019, October). VFLT: SQA Model for Cyber Physical System. In 2019 Global Conference for Advancement in Technology (GCAT) (pp. 1-4). IEEE.

Ferdus, M. Z., Islam, S., & Kashem, M. A. (2019, October). An innovative load balancing cluster composition of wireless sensor networks. In 2019 global conference for advancement in technology (GCAT) (pp. 1-4). IEEE.

Islam, S. J., Islam, S., Ferdus, M. Z., Khan, M. N. I., Kashem, M. A., & Islam, M. S. (2020, September). Load compactness and recognizing area aware cluster head selection of wireless sensor networks. In 2020 International conference on computing and information technology (ICCIT-1441) (pp. 1-4). IEEE.

Islam, S., Khan, M. N. I., Ferdus, M. Z., Islam, S. J., & Kashem, M. A. (2020, September). Improving throughput using cooperating TDMA scheduling of wireless sensor networks. In 2020 International Conference on Computing and Information Technology (ICCIT-1441) (pp. 1-4). IEEE.

Hasan, S. N., Chakraborty, P., Ansar, M. T. B., Al Zaiem, A., Das, N., & Shan-A-Alahi, A. (2024). ENHANCING ORGANIZATIONAL RESILIENCE: INTEGRATING CYBERSECURITY RISK MANAGEMENT INTO INFORMATION SYSTEMS GOVERNANCE. Power System Protection and Control, 52(4), 30-43.

Aliane, N., & Zakariya, A. (2023). Enhancing cyber security resilience in the industrial sector: A comprehensive framework for third-party risk management. International Journal of Cyber Criminology, 17(2), 262-283.

Kabir, M. H., Razib, M., Arafat, Y., Rashed, R. A. M., & Jesan, Z. (2025). Strengthening US Critical Infrastructure Resilience Through NIST-Aligned Cybersecurity Governance and AI-Driven Threat Detection. Journal of Computer Science and Technology Studies, 7(6), 1120-1134.

Massa, B. A. (2025). Navigating Cyber Threats: Practitioner Insights on Building Cyber-Resilient Organizations (Doctoral dissertation, Robert Morris University).

Oyekunle, S. M., Tiwo, O. J., Adesokan-Imran, T. O., Ajayi, A. J., Salako, A. O., & Olaniyi, O. O. (2025). Enhancing data resilience in cloud-based electronics health records through ransomware mitigation strategies using NIST and MITRE ATT&CK frameworks. Journal of Engineering Research and Reports, 27(3), 436-457.

Conklin, W. A., & Shoemaker, D. (2017). Cyber-resilience: Seven steps for institutional survival. EDPACS, 55(2), 14-22.

White, G. B., & Sjelin, N. (2022). The NIST cybersecurity framework. In Research anthology on business aspects of cybersecurity (pp. 39-55). IGI global.

Kanaan, A., Ahmad, A. H., Alorfi, A., & Aloun, M. (2024, February). Cybersecurity resilience for business: a comprehensive model for proactive defense and swift recovery. In 2024 2nd International Conference on Cyber Resilience (ICCR) (pp. 1-7). IEEE.

Downloads

Published

2026-03-30

How to Cite

Ezeagwuna, D. (2026). Enhancing Organizational Cyber Resilience Through the NIST Cybersecurity Framework. International Journal of Technology, Management and Humanities, 12(01), 124-140. https://doi.org/10.21590/

Similar Articles

11-20 of 272

You may also start an advanced similarity search for this article.