
Evolving Technology & the NIST Cybersecurity Framework


As technology becomes more available and more integrated into our daily lives and businesses, it is important that we are aware of the vulnerabilities that come with it.

Intel recently reported that the “Internet of Things” has grown from 2 billion objects in 2006 to a projected 200 billion by 2020. That’s 26 smart objects per human on planet Earth. In addition, most IoT devices aren't in our homes, cars, or smartphones. Instead, they're concentrated in factories, businesses, and healthcare. Migrating data to third-party cloud providers, using mobile services, and running applications that collect and analyze Big Data all carry the risk of attack.

Manufacturing alone is projected to have a total worth of USD 2.3 trillion in smart objects by 2025, and healthcare USD 2.5 trillion, out of the global total of USD 6.2 trillion. In healthcare, the cost of cyberattacks on medical devices is expected to reach $101 billion by 2018. Attacks like the WannaCry ransomware of May 2017, which installed itself on about 300,000 computers and digital software in 150+ countries, are just one example of the danger organizations face today, and a call to enact strict cybersecurity measures in order to reduce risk and reduce the cost of an attack if it does break through.

A recent Forbes article stated that most technology is vulnerable and can be hacked, and it's becoming more obvious every day. Thousands of cybersecurity vulnerabilities and breaches are identified every year, regardless of vendors' precision at shutting down an attack. It’s time for businesses to be proactive about their cybersecurity approach.

The National Institute of Standards and Technology (NIST) created a set of guidelines in its framework that attempts to solve this problem of internal cybersecurity management. The framework is nationally recognized, and NIST's publications are required for some organizations. NIST’s framework identifies actions companies can take to become more robust in their cyber posture and, unlike its prior publications, actually explains how to accomplish this. The idea is to check all the boxes within your organization so that you know you’re lowering your risk of an attack, and to be proactive rather than reactive about your cyber posture. NIST calls this “a high-level strategic view of the lifecycle of an organization’s management of cybersecurity risk” with 5 key concurrent and continuous functions: Identify, Protect, Detect, Respond, and Recover.

The NIST Framework is truly applicable to any organization as a jumping-off point to establish its cybersecurity posture. It trades in traditional, more audit-based policies for a risk-based approach to cybersecurity management. It’s a guideline for enterprises to update their risk management approach, as many U.S. organizations across sizes and industries already leverage some type of security framework.

The CyberStrong™ Solution

The NIST CSF is quickly emerging as best practice. CyberSaint’s platform, CyberStrong™, is built upon this gold-standard framework and includes the technical controls in various frameworks depending on your organization’s needs. Utilizing measuring and reporting tools, you can manage and evaluate your organization’s cyber posture in real time from one secure platform in language that isn't restricted to security professionals. Take charge of your company’s cybersecurity posture and communicate to your team, superiors, and board, managing cyber as a business function in your organization and reducing the immense costs that your organization could incur.
