Request Demo

Evolving Technology & the NIST Cybersecurity Framework

down-arrow

As technology becomes more available and integrated into our daily lives and businesses, it is important that we are aware of the vulnerabilities.

Intel recently reported that the “Internet of Things” has grown from 2 billion objects in 2006 to projected 200 billion by 2020 - that’s 26 smart objects per human on planet earth. In addition, most IoT devices aren't in our homes, cars, or smartphones. Instead, they're consolidated in factories, businesses, and healthcare. Migration of data to third-party cloud providers, mobile services, applications that involve collecting and analyzing Big Data, all run the risk of attack.

Manufacturing alone is projected to have a total worth of USD 2.3 trillion dollars in smart objects by 2025, and healthcare USD 2.5 trillion out of the global total of USD 6.2 trillion. In healthcare, the cost of cyberattacks on medical devices is expected to reach $101 billion by 2018. Attacks like ransomware WannaCry from May 2017, which inscribed itself on about 300,000 computers and digital software in 150+ countries, are just an example of the danger organizations face today, and a call to enact strict cybersecurity measures in order to reduce risk and reduct the cost of an attack if it does break though.

A recent Forbes article stated that most technology is vulnerable and can be hacked, and it's becoming more obvious every day. Thousands of cybersecurity vulnerabilities and breaches are identified every year, regardless of vendors precision at shutting down an attack. It’s time for businesses to be proactive about their cybersecurity approach.

The National Institute for Standards and Technology’s framework created a set of guidelines in their framework that attempts to solve this problem of internal cybersecurity management, and is nationally recognized and its publications are required for some organizations. NIST’s framework identifies actions companies can take to become more robust in their cyber posture and actually explains how to accomplish this, unlike its prior publications. The idea is to check all the boxes within your organization so that you can know you’re lowering your risk of an attack, to be proactive rather than reactive about your cyber posture. NIST calls this, “a high-level strategic view of the lifecycle of an organization’s management of cybersecurity risk” with 5 key concurrent and continuous functions: Identify, Protect, Detect, Respond, and Recover. 

The NIST Framework is truly applicable to any organization as a jumping off point to establish their cybersecurity posture. It turns in traditional, more audit-based policies for a risk-based approach to cybersecurity management. It’s a guideline for enterprises to update their risk management approach, as many U.S. organizations across sizes and industries already leverage some type of security framework.

The CyberStrong™ Solution

The NIST CSF is quickly emerging as best practice. CyberSaint’s platform, CyberStrong™, is built upon this gold-standard framework and includes the technical controls in various frameworks depending on your organization’s needs. Utilizing measuring and reporting tools, you can manage and evaluate your organization’s cyber posture in real time from one secure platform in language that isn't restricted to security professionals. Take charge of your company’s cybersecurity posture and communicate to your team, superiors, and board, managing cyber as a business function in your organization and reducing the immense costs that your organization could incur.

You may also like

Reading Between the Lines of NIST ...
on July 9, 2019

On June 19th, the National Institute of Standards and Technology (NIST) released the much anticipated Rev 2 of SP 800-171 and the working draft of supplement SP 800-171B. As the ...

How We're Making DFARS Compliance ...
on July 2, 2019

With the Department of Defense (DoD) making DFARS compliance a requirement for all contractors doing business with the DoD, a great amount of stress has been put on DoD ...

What to Expect from the Security ...
on June 26, 2019

Digital Society is Real, and Security and Risk Management Solutions Must Embrace Digital to be Successful Digital Society: “The collection of people and things that are engaged in ...

Alison Furneaux
Integrating GRC: Compliance, ...
on June 25, 2019

In our Integrating Governance Risk and Compliance series, CyberSaint leadership explores the process through which cybersecurity leaders can reconfigure their organizations to ...

George Wrenn
Integrating GRC: Risk, ...
on June 19, 2019

In our Integrating Governance Risk and Compliance series, CyberSaint leadership explores the process through which cybersecurity leaders can reconfigure their organizations to ...

Padraic O'Reilly
CyberSaint at Gartner Security and ...
on June 13, 2019

Next week, forward-thinking security and risk leaders will congregate in National Harbor for Gartner’s annual Security and Risk Management Summit. As the preeminent voice in the ...