
Cybersecurity Awareness Month: Strengthen Your Cyber Posture


For years now, October has been recognized as National Cybersecurity Awareness Month. The National Cyber Security Alliance and the U.S. Department of Homeland Security brought cybersecurity into the spotlight when they created this initiative in 2003, and in light of recent events, there is no better time than now to be cyber aware.


The month of October is split into weekly themes. The first week is centered around simple steps for online safety. The second week promotes education in the workplace about cyber threats and best practices for mitigating risk. Recognizing and combating cybercrime is the theme of the third week, as identifying cybercrime can be difficult for those who lack schooling or experience in the area. Week four focuses on the rapidly accelerating technology that is increasingly integrated into our daily lives. Everyone is connected, and we have to look ahead in order to plan for and mitigate future cyber risk. Week five, the last week, is about building resilience, especially when it comes to our critical systems and infrastructure.

To understand and truly take part in building resiliency this month, it’s important that stakeholders, especially those in risk and security, understand and implement strategies to mitigate cyber risk. This means whether you are implementing the NIST Cybersecurity Framework or not, it’s important to understand this nationally recognized set of best practices.

The Framework has five key focus areas: Identify, Protect, Detect, Respond, and Recover.

Identify: Run an assessment to identify your business or organization’s baseline status on information security. In this phase, you should be identifying the risks that your business faces, and to do this properly it’s important that you understand where you stand to date. Look at which assets are accessed, by whom, and from what location. When you understand where you stand, you’ll be able to identify potential problem areas much more efficiently.

Protect: This next step focuses on safeguarding the assets that you identified earlier by securing your organization in its weak areas. This includes securing your network internally and externally, using multi-factor authentication (MFA) or two-factor authentication (2FA), and educating your teams in every department, not just cyber or IT, about the red flags of a cyberattack or a phishing email, how to handle sensitive information in the workplace, and more.

Detect: How quickly can your organization detect a cyber incident? This question is the focus of the third phase. Some cyberattacks persist within organizations for weeks or even months without detection. Don’t compromise your company’s data and reputation by letting that happen to you. Building on the previous steps, understand your risks, threats, and methods of protection. Then put your resources (tools, people) in place to detect threats.

Respond: The Respond phase focuses on your organization’s ability to respond to incidents. Secure your response plan. To nail this phase, at the very least you should have an incident response plan with protocols on how to communicate and within what timeline. You should then test your plan as thoroughly as possible to optimize the process.

Recover: Make sure that you’re able to recover your services and capabilities after an attack as quickly as possible to reduce the negative impact on your organization. Try to make your recovery approach an adaptable process, as the type of breach or attack can change. Make sure that your employees have the knowledge to recover your most valuable assets and processes.

Make sure your entire organization is involved in this process. It can be a lot of work to implement the NIST Cybersecurity Framework, more so if you aren’t using a platform that automates and streamlines your adoption process like CyberStrong does.

  
