<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

NIST Cybersecurity Framework

Building a Holistic Cybersecurity Program

down-arrow

Gartner analyst Earl Perkins, research vice president, presented five cybersecurity trends during the Gartner Security & Risk Management Summit in 2017. One of his key takeaways was that cyber programs need to try a more holistic approach to cyber program strategy.

Getting hacked isn't an "If" anymore but a "When." Stop Focusing on Protection and Prevention Alone.

“Take the money you’re spending on prevention and begin to drive it more equitably to detection and response,” said Mr. Perkins. “The truth is that you won’t be able to stop every threat and you need to get over it.” 

In the past year, it's become clear that even the largest enterprises can be subject to data breaches. Therefore, this year if you're wondering where to focus your attention, spending time on making and testing your response plans, plans for remediation, and methods of detection is key. Still focus on the latest methods of protection and prevention, but realize that you have to have all of your best practices in place holistically implement a cybersecurity program.

A Holistic Approach: The NIST Cybersecurity Framework

The NIST Framework is the most thorough and holistic approach to cyber security program best practices. However, it's the most complex framework to implement covering over 900 security controls over 5 major functions. The functions are important because they allow security teams to prioritize all areas of a holistic program equitably. Identify, Protect, Detect, Respond, and Recover are the five functions, and they cover all areas that you would want to address.

Gartner reports that the framework is used by 30% of U.S. organizations, with projected use of 50% by 2020. [Download the Free NIST Cybersecurity Framework Guide]

Use of the framework is usually attributed to three key motivations: aligning with cybersecurity best practices (70%); business partner requirements (29%); and federal contract requirements (28%) - according to Gartner.

It's clear that more and more organizations are aligning with the NIST Framework and are requiring their partners, vendors, and suppliers to do so as well. If you're interested in learning more about the Framework and building a holistic approach to managing security, let us know and we can give you the advice to get your security plan started. The CyberStrong Platform can baseline you against the Framework in HOURS.

 

You may also like

Conducting Your First Risk ...
on January 30, 2023

As digital adoption across industries increases, companies are facing increasing cybersecurity risks. Regardless of their size, cyber-attacks are a persistent threat that must be ...

Your Guide to Cloud Security ...
on January 26, 2023

Cloud computing refers to the delivery of multiple services via the internet (also known as the “cloud”), including software, databases, servers, storage, intelligence, and ...

Compliance and Regulations for ...
on January 9, 2023

Compliance for many cybersecurity programs has been the cornerstone and the catalyst for why many programs exist in the first place. Since the rise of the information technology ...

Cyber Risk Quantification: Metrics ...
on January 6, 2023

Risk management is the new foundation for an information security program. Risk management, coupled with necessary compliance activities to support ongoing business operations, ...

Padraic O'Reilly
Cybersecurity Maturity Models You ...
on January 27, 2023

Cybercrime has forced businesses worldwide into paying billions of dollars yearly. As more of the population becomes dependent on technology, the fear of cyber attacks continues ...

Top 10 Risks in Cyber Security
on December 23, 2022

Increasing cyber security threats continue creating problems for companies and organizations, obliging them to defend their systems against cyber threats. According to research ...