Request Demo

NIST Cybersecurity Framework

Breaking Down the NIST Cybersecurity Framework: Respond


In this blog, we'll be disucssing the second-to-last framework function of the NIST Cybersecurity Framework: Respond. In the last three articles, we discussed the first three framework functions: Identify, Protect, and Detect in our Breaking Down the NIST Cybersecurity Framework series.

[Webinar with Cybersecurity Influencers: The Benefits of Frameworks and Standards HERE]

NIST defines respond as "Develop and implement appropriate activities to take action regarding a detected cybersecurity incident".

"The Respond Function supports the ability to contain the impact of a potential cybersecurity incident. Examples of outcome Categories within this Function include: Response Planning; Communications; Analysis; Mitigation; and Improvements".

Here are the parts to the respond function and their importance:

  • Response Planning: Response processes and procedures are executed and maintained, to ensure timely response to detected cybersecurity events.
  • Analysis: Analysis is conducted to ensure adequate response and support recovery activities.
  • Mitigation: Activities are performed to prevent expansion of an event, mitigate its effects, and eradicate the incident.
  • Communications: Response activities are coordinated with internal and external stakeholders, as appropriate, to include external support from law enforcement agencies.
  • Improvements: Organizational response activities are improved by incorporating lessons learned from current and previous detection/response activities.

When breaches occur in companies, an incident response plan is critical to manage the immediate aftermath. Surprisingly, lots of organizations don't have an incident response plan, or just havent tested the plan that they have in place.

  • Your Response Plan: Make sure that you're reporting breaches if they occur.
  • Mitigate: Make sure you have a plan to mitigte any event that could occur, in house and with third parties.
  • Analyze: Go over your plan with experts inside and outside of your team.

You may also like

The Cybersecurity Skills Gap: The ...
on February 7, 2019

The cybersecurity skills gap is nothing new to the seasoned cyber professional. It has been widely discussed in cyber and information security circles for some time. The main flag ...

George Wrenn
The Post-Digitization CISO
on February 5, 2019

Information leaders in digital businesses, whether focusing on optimization or a full transformation, are inherently altering their position among the executive leadership. As ...

Integrated Risk Management and ...
on January 31, 2019

With technology permeating every aspect of a business, one begins to wonder what technology is reserved for digital risk management rather than the other facets of integrated risk ...

Department of Defense Launches ...
on January 29, 2019

The Defense Federal Acquisition Regulation Supplement (DFARS) mandate, specifically Clause 252.204-7012 requiring all members of the Department of Defense’s supply chain to comply ...

Digital Risk Management Frameworks
on January 24, 2019

As organizations continue to embrace digitization, security teams are faced with the challenge of keeping the enterprise secure while empowering growth and innovation. Many CISO’s ...

The Cybersecurity Impact Of The ...
on January 23, 2019

There has been a great deal of speculation around the cybersecurity posture of the nation in light of the most recent (and longest documented) government shutdown. I’ve seen two ...

George Wrenn