Request Demo

NIST Cybersecurity Framework

How CISOs Can Create A Balanced Portfolio Of Cybersecurity Products - Forbes

down-arrow

Great article on using the framework to create a portfolio view for cyber management.

We’re entering a world of deepening complexity and far vaster breadth when it comes to security for the modern enterprise. With companies integrating legacy data centers, manufacturing facilities, and networks with the cloud and the Internet of Things (IoT), all connecting to an uncontrollable mass of independently governed endpoints, CIOs and CISOs face a constant challenge of trying to decide what to protect and how to protect it.

When thinking about how companies should choose to spend their security dollars, I find the framework created by the National Institute of Standards and Technology (NIST) to be a great guide, although many security professionals also rely on ISO 27001. The NIST framework offers five main functions companies need to be able to address in their approach to cybersecurity: 1) Identify; 2) Protect; 3) Detect; 4) Respond; and 5) Recover. Within this excellent taxonomy of security capabilities, categories like asset management, risk management, and governance are under the identify function, access control, maintenance, and data security fall under protect, while monitoring and anomalous events fall under detect. Respond includes response planning, communications, and mitigation, while recover includes communications taken in the wake of an attack, recovery planning, and improvements to systems and procedures.

Read the full article on Forbes.

You may also like

Marriott Breach Points To Issue In ...
on December 13, 2018

On Friday, November 30th, Marriott International announced what could be one of the largest data breaches in history. Over 500 million guests’ personal data, ranging from names to ...

The Key To Turning Your Security ...
on December 13, 2018

It is often said, “if you don’t want something noticed, don’t talk about it”. This is true of a bad GPA, a stain on a carpet, or a project you might have missed a deadline for. ...

Solving The Cybersecurity Skills ...
on December 6, 2018

It is no shock to those in the cyber community that cybersecurity has become a board-level issue for many enterprises. A PwC survey showed a 20% increase in CEO’s concern over ...

The Next Wave Of Innovation For ...
on December 12, 2018

   The internet of things (IoT) is a force transforming the modern enterprise. Anything from robotics in warehouses to smart manufacturing to data center monitoring, the ...

The Corporate Compliance and ...
on December 4, 2018

Corporate compliance and oversight (CCO) is one of the main pillars to a strong integrated risk management (IRM) program and solution. Today, compliance leaders are faced with a ...

Securing the AI powered enterprise
on December 5, 2018

Machine learning and artificial intelligence (AI) has become the competitive differentiator of our time. By 2020, Gartner predicts that almost all new products to enter the market ...