The National Institute of Standards and Technology has released a draft of voluntary cybersecurity standards for companies. The core functions: Identify. Protect. Detect. Respond. And Recover. The framework defines a set of best practices and provides a tool to help organizations plot their strategies. The departments of Homeland Security, Commerce, and Treasury are reviewing the draft.