Request Demo

Evolving Technology & the NIST Cybersecurity Framework

down-arrow

As technology becomes more available and integrated into our daily lives and businesses, it is important that we are aware of the vulnerabilities.

Intel recently reported that the “Internet of Things” has grown from 2 billion objects in 2006 to projected 200 billion by 2020 - that’s 26 smart objects per human on planet earth. In addition, most IoT devices aren't in our homes, cars, or smartphones. Instead, they're consolidated in factories, businesses, and healthcare. Migration of data to third-party cloud providers, mobile services, applications that involve collecting and analyzing Big Data, all run the risk of attack.

Manufacturing alone is projected to have a total worth of USD 2.3 trillion dollars in smart objects by 2025, and healthcare USD 2.5 trillion out of the global total of USD 6.2 trillion. In healthcare, the cost of cyberattacks on medical devices is expected to reach $101 billion by 2018. Attacks like ransomware WannaCry from May 2017, which inscribed itself on about 300,000 computers and digital software in 150+ countries, are just an example of the danger organizations face today, and a call to enact strict cybersecurity measures in order to reduce risk and reduct the cost of an attack if it does break though.

A recent Forbes article stated that most technology is vulnerable and can be hacked, and it's becoming more obvious every day. Thousands of cybersecurity vulnerabilities and breaches are identified every year, regardless of vendors precision at shutting down an attack. It’s time for businesses to be proactive about their cybersecurity approach.

The National Institute for Standards and Technology’s framework created a set of guidelines in their framework that attempts to solve this problem of internal cybersecurity management, and is nationally recognized and its publications are required for some organizations. NIST’s framework identifies actions companies can take to become more robust in their cyber posture and actually explains how to accomplish this, unlike its prior publications. The idea is to check all the boxes within your organization so that you can know you’re lowering your risk of an attack, to be proactive rather than reactive about your cyber posture. NIST calls this, “a high-level strategic view of the lifecycle of an organization’s management of cybersecurity risk” with 5 key concurrent and continuous functions: Identify, Protect, Detect, Respond, and Recover. 

The NIST Framework is truly applicable to any organization as a jumping off point to establish their cybersecurity posture. It turns in traditional, more audit-based policies for a risk-based approach to cybersecurity management. It’s a guideline for enterprises to update their risk management approach, as many U.S. organizations across sizes and industries already leverage some type of security framework.

The CyberStrong™ Solution

The NIST CSF is quickly emerging as best practice. CyberSaint’s platform, CyberStrong™, is built upon this gold-standard framework and includes the technical controls in various frameworks depending on your organization’s needs. Utilizing measuring and reporting tools, you can manage and evaluate your organization’s cyber posture in real time from one secure platform in language that isn't restricted to security professionals. Take charge of your company’s cybersecurity posture and communicate to your team, superiors, and board, managing cyber as a business function in your organization and reducing the immense costs that your organization could incur.

You may also like

Contextualize Quantified Cyber ...
on April 11, 2019

Now more than ever, CISO’s are being tasked with delivering hard metrics around an enterprise’s technology and digital risk. While this is nothing new for seasoned IT ...

NYDFS Implementation Grace Period ...
on April 9, 2019

Following the Equifax breach and growing concerns about the posture of the financial industry, New York State Department of Financial Services (NYDFS) released the initial ...

CEO's - Do You Know Where That ...
on April 5, 2019

It is no secret that cybersecurity has mystified many members of the C-suite since the function was introduced. With headlines dominated by breaches and hearings of information ...

Jerry Layden
Carbon Black Report Indicates ...
on April 2, 2019

In their third Global Incident Response Threat Report our Massachusetts neighbor, Carbon Black, illustrates not only the top industries for cyber attack but a deeply concerning ...

Legacy GRC And The Sunk Cost ...
on March 28, 2019

Last month, we covered how legacy GRC products and new integrated risk management (IRM) solutions can co-exist and in fact compliment each other. That said, in order for them to ...

Alison Furneaux
What To Expect From The Imminent ...
on April 6, 2019

While the NIST Privacy Framework may be the headliner for the most anticipated new publication from the National Institute of Standards and Technology, there are two imminent ...