The National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity (NIST Cybersecurity Framework) organizes basic cybersecurity activities at their highest level.
The National Institute of Standards and Technology’s Cybersecurity Framework (CSF) was published in February 2014 in response to Presidential Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” which called for a standardized security framework for critical infrastructure in the United States. The NIST CSF is recognized by many as a resource to help improve the security operations and governance of public and private organizations. While the NIST CSF is a terrific guideline for transforming organizational security posture and risk management from a reactive to a proactive approach, it can be a difficult framework to actually dive into and implement. If you’re struggling to get through the NIST Cybersecurity Framework, a quick overview and summary of the framework can help you accelerate your security transformation.
When the first skyscrapers were built, they had between 10 and 20 floors. Today, skyscrapers have over 100 floors and are thousands of feet tall. Though many engineering and technological advances have contributed to this progress, modern reinforced concrete frameworks are most critical to the strength and stability of these superstructures, fortifying them against strong winds and earthquakes.
Similarly, the information technology systems and networks that support our society's infrastructure require solid frameworks to ensure their security and stability. This infrastructure, from government services to utilities to privately held companies, relies increasingly on such systems and networks. If not secured, these systems could be targeted by hackers and suffer devastating consequences.
To secure and protect your assets, electronic or otherwise, you must address three general areas of cybersecurity: prevention, detection and response. Yet although data breaches are an increasing threat to the viability of businesses, most do not have a cybersecurity plan in place and are not prepared to handle the costs and consequences associated with a data breach. It’s not a matter of if, but when a cyber incident will occur. Here’s what you need to know to weather the storm.
Prevention of Cybersecurity Incidents
Why perform a cybersecurity risk assessment?
The results of this assessment will be different for each organization, as will the solutions. An assessment is particularly important if there are defined requirements or regulations for the information you’re protecting. If you don’t have the right safeguards in place, you could face higher fines and penalties in the event of a breach.
Detection of Cybersecurity Incidents
Monitoring and assessing the network, logs and reports should be a regular and ongoing task. And you must implement a technical strategy for detection that includes everyone in your organization. Establish regular training for cybersecurity awareness, deploy malicious code detection to your entire network, harden your network environment against vulnerabilities, and use firewalls to block unauthorized activity on your network. Here's what you should be looking for when it comes to cybersecurity risk.
Response to Cybersecurity Incidents
To navigate an incident safely and successfully, you must establish an incident response plan for key personnel to follow in the event of a breach or attack. For this plan, you should:
What are the key roles on an incident response team?
The Veterans: When it comes to incident response, IT professionals are the champions of their company’s security. When an end-user finds a potential cybersecurity threat, the IT professional confirms the threat based on the incident response plan. They then work to mitigate the incident. They must also practice restraint, as mishandling information during an incident could leave the company responsible and liable for spoliation of data.
The Investigators: After several cybersecurity incidents, you’ll want assistance from a third-party forensic team, who can provide extensive expertise, tools and resources you may not have available within your company. You may also need a third-party forensic team to conduct an impartial review or report for insurance reasons.
The Internal Lead: It is important to have a person in charge of controlling the dissemination of information throughout the company. This role is typically filled by either the Chief Security Officer or head of Public Relations. They will maintain and report information and results to the company as needed. Other team members will defer to the internal lead for guidance and authority. Ideally, this person should have some technological experience or insight into the company’s technical makeup. And they should rank high enough to deter suspicion over delegating orders or taking possession of devices.
The Legal Representative: The company attorney or legal representative will manage public and private perception of the company and ensure that there are no legal repercussions when the incident is resolved. They organize a plan based on the information to best help the company and they give insight into legal nuances of incident response, such as when to reveal your cards and when to call an investigation to a close. This role is especially critical if your company is dealing with protected information beholden to regulatory bodies.
As you can see, each member of the team has a specific and vital responsibility. Going through any incident without a complete team could end up costing more money and bringing confusion and unnecessary stress to an already precarious security situation.
The NIST Framework for Improving Critical Infrastructure Cybersecurity
Potential Consequences of Being Unprepared
While it’s important to keep up with new regulations around handling personal and confidential information, the regulations aren’t designed to protect your business and operations. Ultimately, it’s an organization-wide issue and the responsibility falls to owners, executives and board members. By taking a holistic approach to cybersecurity management, you can reduce weakness in your cybersecurity defenses. Here are a few tips for developing a defensible process:
Infrastructure Vulnerability and Chaos
Industry-Specific Consequences
Higher Education: There are strict regulations for handling and protecting personal information retained through the financial aid system. The responsibility falls to several parties, including institutions and third-party services. Compliance is audited and, if a risk is identified, consequences range from disabled access to information systems to fines and other actions deemed appropriate by the Department of Education.
Automotive Sales: Auto dealerships collect a significant amount of consumer information and are prime targets for hackers. Common cyber incidents for this industry include breaching Wi-Fi networks, phishing scams, fraud and installing malware via email. One of the biggest consequences of such activity is reputation damage. Nearly 84% of consumers would not buy another car from a dealership that had a security breach.
Manufacturing: A recent study found that nearly 40 percent of manufacturers don’t have a cybersecurity plan, and it’s also true that many manufacturers operate using outdated technology. These conditions increase their vulnerability to cyberattacks. Plus, manufacturing is an industry that has to protect a special type of data: intellectual property. Trade secrets and build lists set companies apart and drive brands and could be stolen or held for ransom.
The Importance of Implementing a Cybersecurity Plan
On average, it will take 280 days to identify and contain a cyber threat. Are you prepared to wait that long?
How do you implement cyber security strategy?
8 Steps To Creating A Cyber Security Plan: Conduct A Security Risk Assessment. Set Your Security Goals. Evaluate Your Technology. Select A Security Framework. Review Security Policies. Create A Risk Management Plan. Implement Your Security Strategy. Evaluate Your Security Strategy.
What do you implement in cyber security?
Conduct cyber security training and awareness. Perform risk assessments. Ensure vulnerability management and software patch management/updates. Use the principle of least privilege. Enforce secure password storage and policies. Implement a robust business continuity and incident response (BC-IR) plan.
How do you implement cybersecurity risk assessment process?
Step 1: Determine the scope of the risk assessment. Step 2: How to identify cybersecurity risks. Step 3: Analyze risks and determine potential impact. Step 4: Determine and prioritize risks. Step 5: Document all risks.
What are the five 5 steps of the cybersecurity lifecycle?
It consists of five concurrent and continuous Functions: Identify, Protect, Detect, Respond and Recover.