<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

NIST Cybersecurity Framework

Breaking Down the NIST CSF Function: Detect

down-arrow

In the past two blog posts, we've been diving into the framework functions. So far, we've covered the NIST Identify function and Protect function. Now, we move on to the third core function of the framework: Detect.

[Webinar with Cybersecurity Influencers: The Benefits of Frameworks and Standards HERE]

The National Institute of Standards and Technology or NIST defines the framework core as "a set of cybersecurity activities, desired outcomes, and applicable references that are common across critical infrastructure sectors. The NIST CSF Core presents industry standards, guidelines, and practices in a manner that allows for communication of cybersecurity activities and outcomes across the organization from the executive level to the implementation/operations level".

The detect function requires that you develop and implement an appropriate risk management strategy to identify the occurrence of a cybersecurity event. Your strategy should include coordination with key internal and external stakeholders.

"The detect function enables timely discovery of cybersecurity events. Examples of outcome Categories within this Function include: Anomalies and Events; Security Continuous Monitoring; and Detection Processes".

  • Anomalies & Events: Your program will detect unusual activity as soon as possible, and the impact of events is understood by everyone on your team and beyond.
  • Security & Continuous Monitoring: You're monitoring your information system and environments at specified intervals to identify cyber events in your organization.
  • Detection Processes: Procedures and processes for detection are put in place and tested in order to ensure timely and broad awareness of cyber events.

The detect function is a critical step to a robust cyber program - the faster you can detect a cybersecurity event, the faster you can mitigate the effects of it. Examples of how to accomplish steps towards a thorough detect function are as follows:

  • Anomalies & Events: Prepare your team to have the knowledge to collect and analyze data from multiple points to detect an event.
  • Security & Continuous Monitoring: Make your team able to monitor your assets 27/7 or consider involving an MSS to supplement.
  • Detection Processes: Attempt to know about a breach as soon as possible and follow disclosure requirements as needed. Your program should be able to detect inappropriate access to your data as soon as possible.

Clearly, the detect function is one of the most important, as detecting a breach or event can be life or death for your business. There is no doubt that following these best practices and implementing these solutions will help you scale your program and mitigate cybersecurity risk with comprehensive risk management decisions. In our next blog post, we will explore the respond function.

Learn How CyberStrong Streamlines the NIST Cybersecurity Framework Adoption

You may also like

Benchmarking Your Cyber Risk ...
on September 25, 2023

Benchmarking your organization against the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is a valuable step towards improving cybersecurity ...

Security Posture Management: The ...
on September 27, 2023

Cybersecurity is a complex and dynamic field, and there are several elements that security teams must continuously monitor and manage to protect an organization's security ...

Stay One Step Ahead: A Guide to ...
on September 1, 2023

Cyber risk monitoring aims to proactively manage and mitigate cyber risk to protect an organization’s valuable assets and sensitive data. This process involves regularly ...

How to Create a Cybersecurity Risk ...
on August 22, 2023

For years, the discourse in IT has been centered around cybersecurity. Yet, with the volume of cyber attacks increasing, professionals have developed a more holistic approach to ...

How to Mitigate Cyber Risks in ...
on August 18, 2023

Supply chains are complex networks of organizations, people, processes, information, and resources, all collaborating to deliver goods and services to end consumers. Due to their ...

Conducting a Cyber Risk ...
on August 11, 2023

Cyber risk has become increasingly pervasive in almost every industry. From the new SEC cyber regulations to industry standards like the NIST CSF and HIPAA, regulatory bodies are ...