Aligning with a credible Cybersecurity Framework
OryxAlign | Nov 4, 2020 | 3 min read

Technologies developed at a much faster rate than laws and regulations could keep up with.

With a lack of clear standards came increased risks, particularly of the cyber security kind.

Industries and businesses approach their cyber security needs in different ways, and a lack of a unified strategy has allowed cyber criminals to work their way in, preying on vulnerabilities.

In an attempt to help businesses understand and improve their management of cyber security related risks, the National Institute of Standards and Technology created their Cybersecurity Framework.

What is the NIST Cybersecurity Framework?

The framework is a set of best practices and guidelines for companies to improve their identification, detection, and response to cyber-attacks.

At the framework's core is a set of cyber security activities, which link together to provide a high-level, strategic view of a risk management lifecycle. These are defined below:

1. Identify

Identify and quantify all key aspects of the business, including data, systems, personnel, environment, policies and procedures. Understand the risks posed by cyber attackers and develop a strategy to deal with them.

2. Protect

Introduce practices and safeguards around access control, employee awareness and training, and data security to minimise exposure to cyber threats. The maintenance and updating of protective measures should also be factored into planning.

3. Detect

This function requires companies to implement a continuous security monitoring infrastructure capable of detecting anomalous activity that may compromise security. It also encourages constant testing and maintenance of these detection measures.

4. Respond

A company must have an effective strategy in place to deal with threats once detected to minimise their impact. Lessons from the security breach should be understood to better defend against attacks in the future.

5. Recover

Companies must put in place the critical plans and structures necessary to restore any functionality compromised by the attack and return to business as usual.

But isn’t the framework American?

Yes, NIST is a non-regulatory agency of the United States Department of Commerce, but cybercriminals aren’t hindered by invisible country borders. If something helpful for businesses has been developed, it shouldn’t go to waste.

It can be argued that every business should consider its cyber security with the Framework in mind—70% of businesses view NIST’s framework as a security best practice.

Implementing the framework

The NIST Cybersecurity Framework offers a higher-level methodology for businesses to align their business and technological approaches. However, how they implement the practices can be slightly tricky, especially when other critical business chores consume resources.

64% of businesses use some part of the NIST framework but are still open to vulnerabilities due to the cost of adoption.

Our Securyx Threat Management service helps to address these five core aspects of the framework:

1. Identifying threats

We automatically identify computer assets and users associated with threats in the environment so you can pinpoint who is affected. We also identify devices that don’t have agents installed and previously unknown yet connected devices.

2. Protecting your assets

It protects Windows, Mac, and Linux endpoints from multiple vectors of attack, including file-based malware, script-based attacks, and zero-day campaigns, by using multiple AI models within a single agent.

3. Detecting attacks and breaches

Automatically detects attacks across the endpoint environment via multiple detection engines, regardless of how they are delivered to the machine. Our Managed Detection and Response service adds another layer of detection through 24×7 threat monitoring by our trained security analysts.

4. Responding swiftly and methodically

Provides effective response measures through patented endpoint remediation capabilities. The agent can automatically clean an infected machine by identifying changes made by malware and undoing these changes with rollback mechanisms. All detected threats are responded to at any hour of any day, taking the burden off your shoulders.

5. Recovery and continuity

It provides a recovery option called Rollback. Rollback restores an endpoint to a pre-attack state by remediating and automatically restoring damaged file system information. This feature literally rewinds the effects of attacks such as ransomware.

Explore our 24×7 threat monitoring & response solution to find out how you can create your own robust framework.

 
