Evaluating Where You are Versus Where You Want to Beo
June 28, 2022
Needing to improve your cybersecurity infrastructure? You’re not the only one — with cyberattacks like ransomware and credential theft on the rise, all organizations need to reevaluate their security measures. A good place to start is evaluating where you are versus where you want to be, and the NIST Cybersecurity Framework is a helpful tool in doing just that.
What is the NIST Cybersecurity Framework?
The NIST Cybersecurity Framework is a set of best practices designed to guide organizations on how to build an effective cybersecurity strategy. The goal of the framework is to provide organizations with insight so they can implement best practices that will help address an their unique security needs. It’s a voluntary framework — not required or mandated for compliance — but most of these practices will help organizations meet compliance requirements and defend against cyber threats.
The framework is broken into three parts: The Core, Implementation Tiers, and Profiles.
The Core is made up of — for lack of a better term — the core components of the NIST framework. They are the tangible action items organizations can take to improve their security.
The five NIST cybersecurity core components are:
Identify: Identify all items that need secured, defined, or controlled, like data, networks, systems, policies, internal and external users, access points, assets, and resources.
Protect: This is where tangible action items come in, like implementing MFA, building out a zero trust model, restricting user access or setting controls on user access, and security training for employees.
Detect: These practices are going to help your organization build and strategize how to proactively detect any threats or potential cyber incidents.
Respond: This component ensures organizations have the plans for remediation, containment, communication, analysis, and mitigation in the event of a cyberattack.
Recover: This function deploys recovery efforts to repair data, infrastructure, systems, reputational, or public relations damage.
Profiles and Implementation Tiers
Profiles are pretty much what they sound like — it’s the security profile of your organization, and it’s made up of the business objectives, resources, and “risk appetite” of your business. They should be accurate representations of all the factors that make up your security strategy.
Implementation tiers serve as an assessment tool to help you see how you’re actually doing in regards to security plans. It makes organizations take a hard look in the mirror to see if their cybersecurity posture is more immature and in the partial tier, or if it’s evolving along with threats in the adaptive tier.
How You Can Use the NIST Framework
To put it simply, you can think of the three components of the framework like this:
Implementation Tiers: Where we are
Profiles: What we have
The Core: Where we want to be
And to put things practically, here’s how you can use these three components to establish or improve your cybersecurity strategy:
See where you measure up using the Implementation Tier matrix. Once you’re able to assess the current state of security, you can begin to see gaps and where improvements need to be made.
Collect all items or information needed to complete your Profile so you can gauge your security goals realistically.
Take a look at the five components of the Core and decide on which action items you need to take to fill security gaps.
This framework is purposefully high-level so every orgnaization can figure out how to implement it in the way that works best for them. Determine how the NIST Framework can fit into your security structure and start taking proactive steps to protect critical assets from rising and evolving threats.