five

leeroy-jankins/NIST-CyberSecurity-Framework

收藏
Hugging Face2026-05-27 更新2026-05-31 收录
下载链接:
https://hf-mirror.com/datasets/leeroy-jankins/NIST-CyberSecurity-Framework
下载链接
链接失效反馈
官方服务:
资源简介:
--- language: - en license: other pretty_name: NIST Cybersecurity Framework 2.0 Question Answering Dataset size_categories: - n<1K task_categories: - question-answering tags: - cybersecurity - cybersecurity-risk-management - nist - nist-csf - csf-2-0 - cyber-governance - enterprise-risk-management - supply-chain-risk-management - incident-response - incident-recovery - question-answering - instruction-tuning - synthetic --- <img src="assets/NIST CyberSecurity Framework.png" alt="Preview" width="1000"/> # NIST Cybersecurity Framework 2.0 Question Answering Dataset ![License: Public Domain](https://img.shields.io/badge/license-public%20domain-brightgreen.svg) ## Dataset Summary The **NIST Cybersecurity Framework 2.0 Question Answering Dataset** is a synthetic instruction-style question-answering dataset derived from the **NIST Cybersecurity Framework (CSF) 2.0**. The dataset is designed to support training, fine-tuning, retrieval evaluation, and domain-specific question-answering use cases related to cybersecurity risk management, cybersecurity governance, enterprise risk management, supply chain risk management, incident response, recovery planning, and organizational cybersecurity communication. The source document describes CSF 2.0 as a flexible framework that helps organizations understand, assess, prioritize, and communicate cybersecurity risks. It is designed for organizations of all sizes and sectors, including industry, government, academia, and nonprofit organizations. ## Source Document - **Title:** The NIST Cybersecurity Framework (CSF) 2.0 - **Publication:** NIST Cybersecurity White Paper, NIST CSWP 29 - **Publisher:** National Institute of Standards and Technology - **Publication Date:** February 26, 2024 - **DOI:** https://doi.org/10.6028/NIST.CSWP.29 - **Primary Subject Area:** Cybersecurity risk management ## Dataset Structure Each record follows a conversational question-answer schema: | Field | Type | Description | |---|---|---| | `ID` | integer | Unique numeric record identifier. | | `Users` | string | Speaker label for the user prompt. | | `Questions` | string | User question derived from the CSF 2.0 source material. | | `Assistants` | string | Speaker label for the assistant response. | | `Answers` | string | Assistant answer grounded in the source document. | ## Example Record | ID | Users | Questions | Assistants | Answers | |---:|---|---|---|---| | 1 | User | What is the NIST Cybersecurity Framework 2.0? | Assistant | The NIST Cybersecurity Framework 2.0 is a voluntary framework that helps organizations understand, assess, prioritize, communicate, and manage cybersecurity risks. | ## Dataset Creation ### Source Selection The dataset was created from the NIST Cybersecurity Framework 2.0, including coverage of: - CSF overview and purpose - CSF Core - CSF Functions - CSF Categories and Subcategories - Govern, Identify, Protect, Detect, Respond, and Recover outcomes - Organizational Profiles - Current Profiles and Target Profiles - Community Profiles - CSF Tiers - Informative References - Implementation Examples - Quick Start Guides - Cybersecurity risk communication - Enterprise risk management integration - Cybersecurity and privacy risk relationships - Cybersecurity supply chain risk management - Emerging technology and artificial intelligence risk considerations ### Generation Method Questions and answers were generated synthetically from the source document. The dataset was structured to preserve a simple conversational format suitable for instruction tuning, retrieval-augmented generation evaluation, cybersecurity training, and policy-oriented educational use. ### Dataset Size The current dataset contains **200 records**. ## Intended Uses This dataset is intended for: - Fine-tuning small language models on cybersecurity governance and risk management - Building retrieval-augmented generation evaluation sets - Testing question-answering systems for cybersecurity policy and governance domains - Training assistants to answer foundational questions about NIST CSF 2.0 - Creating educational tools for cybersecurity awareness and governance training - Supporting internal organizational learning about CSF 2.0 concepts - Supporting cybersecurity risk management terminology alignment - Building synthetic benchmark records for cybersecurity framework retrieval tasks ## Out-of-Scope Uses This dataset should not be used as: - A substitute for the official NIST Cybersecurity Framework - Legal, regulatory, compliance, audit, procurement, cybersecurity, or privacy advice - A complete implementation guide for cybersecurity risk management - A certification basis for cybersecurity programs or systems - A source for determining whether an organization is secure or compliant - A replacement for expert review by cybersecurity, legal, privacy, audit, procurement, supply chain, or enterprise risk management professionals ## Limitations This dataset is synthetic and educational. Although it is based on the NIST CSF 2.0, the answers are summarized and reformulated rather than extracted as verbatim source text. Known limitations include: - The dataset does not reproduce the full CSF 2.0. - The dataset may simplify nuanced cybersecurity risk management concepts. - The dataset does not include every CSF Subcategory as a separate record. - The dataset does not provide legal, regulatory, audit, or compliance determinations. - The dataset does not include formal citations at the record level. - The dataset should be reviewed before use in high-stakes applications. - The dataset is not a substitute for organization-specific cybersecurity risk analysis. ## Bias, Risk, and Responsible Use The source document addresses cybersecurity risk management across diverse organizational contexts. However, this dataset is a synthetic derivative and may reflect limitations in question framing, topic selection, summarization, and interpretation. Users should evaluate the dataset for: - Completeness - Accuracy against the official NIST CSF 2.0 - Suitability for the intended model or retrieval task - Potential overgeneralization - Missing context - Sector-specific cybersecurity requirements - Applicability to specific regulatory or operational environments For operational cybersecurity, legal, compliance, audit, procurement, or enterprise risk management use, users should consult the official NIST CSF 2.0 and qualified subject-matter experts. ## Licensing The source document is a NIST publication made available free of charge. Users should verify the applicable licensing and reuse terms before publishing, redistributing, or commercially using this derivative dataset. The metadata field is set to `license: other` as a conservative placeholder. Replace it with the appropriate license identifier after confirming the desired release terms for the dataset. ## Citation If you use this dataset, cite the source framework: National Institute of Standards and Technology. The NIST Cybersecurity Framework (CSF) 2.0. NIST Cybersecurity White Paper, NIST CSWP 29. February 26, 2024. https://doi.org/10.6028/NIST.CSWP.29 ## Recommended Citation for This Dataset NIST Cybersecurity Framework 2.0 Question Answering Dataset. Synthetic question-answering dataset derived from NIST CSWP 29, The NIST Cybersecurity Framework (CSF) 2.0. ## Maintenance This dataset should be reviewed and updated when: - NIST updates the Cybersecurity Framework - NIST publishes new CSF companion resources - Informative References or Implementation Examples are materially updated - New CSF Community Profiles become relevant - New cybersecurity governance or enterprise risk management requirements emerge - The dataset is expanded with additional records or record-level citations ## Version - **Dataset Version:** 1.0 - **Source Framework Version:** CSF 2.0 - **Initial Record Count:** 200
提供机构:
leeroy-jankins
二维码
社区交流群
二维码
科研交流群
商业服务