<img src="https://ws.zoominfo.com/pixel/4CagHYMZMRWAjWFEK36G" width="1" height="1" style="display: none;">
Request Demo

NIST Cybersecurity Framework

Building a Holistic Cybersecurity Program

down-arrow

Gartner analyst Earl Perkins, research vice president, presented five cybersecurity trends during the Gartner Security & Risk Management Summit in 2017. One of his key takeaways was that cyber programs need to try a more holistic approach to cyber program strategy.

Getting hacked isn't an "If" anymore but a "When." Stop Focusing on Protection and Prevention Alone.

“Take the money you’re spending on prevention and begin to drive it more equitably to detection and response,” said Mr. Perkins. “The truth is that you won’t be able to stop every threat and you need to get over it.” 

In the past year, it's become clear that even the largest enterprises can be subject to data breaches. Therefore, this year if you're wondering where to focus your attention, spending time on making and testing your response plans, plans for remediation, and methods of detection is key. Still focus on the latest methods of protection and prevention, but realize that you have to have all of your best practices in place holistically implement a cybersecurity program.

A Holistic Approach: The NIST Cybersecurity Framework

The NIST Framework is the most thorough and holistic approach to cyber security program best practices. However, it's the most complex framework to implement covering over 900 security controls over 5 major functions. The functions are important because they allow security teams to prioritize all areas of a holistic program equitably. Identify, Protect, Detect, Respond, and Recover are the five functions, and they cover all areas that you would want to address.

Gartner reports that the framework is used by 30% of U.S. organizations, with projected use of 50% by 2020. [Download the Free NIST Cybersecurity Framework Guide]

Use of the framework is usually attributed to three key motivations: aligning with cybersecurity best practices (70%); business partner requirements (29%); and federal contract requirements (28%) - according to Gartner.

It's clear that more and more organizations are aligning with the NIST Framework and are requiring their partners, vendors, and suppliers to do so as well. If you're interested in learning more about the Framework and building a holistic approach to managing security, let us know and we can give you the advice to get your security plan started. The CyberStrong Platform can baseline you against the Framework in HOURS.

 

You may also like

October Product Update
on October 3, 2022

Hey, Jimmy - is it really always 5 o’clock somewhere? If not, it should be! With this release, we’re focusing on empowering our customers to work smarter, not harder. Whether ...

How Does FAIR Fit into ...
on September 26, 2022

The Factor Analysis of Information Risk (FAIR) methodology breaks down risk into elements that organizations can compute, understand, analyze and quantify cyber threats and their ...

All-in-One Cybersecurity Board ...
on September 19, 2022

CISOs and Board Members can no longer ignore the importance of cybersecurity. New cyber attacks and threats surface every week and threaten the security of business operations. ...

Rules for Effective Cyber Risk ...
on September 12, 2022

Cybersecurity threats are becoming more challenging for businesses. According to PurpleSec’s Cyber Security Trend Report in 2021, cybercrime surged by 600% during the pandemic, ...

A Pocket Guide to Factor Analysis ...
on September 14, 2022

FAIR, short for Factor Analysis of Information Risk, is a risk quantification methodology founded to help businesses evaluate information risks. FAIR is the only international ...

Your Guide to Cyber Risk ...
on August 30, 2022

During the pandemic, online businesses flourished as people turned to e-commerce stores to shop from the comfort and safety of their homes. This unprecedented expansion of ...