?? CYBERSECURITY FRAMEWORK: 6 Steps

?? #CYBERSECURITY #FRAMEWORK: 6 Steps

??? Potential impacts from cybersecurity #risks include higher costs, lower revenue, reputational damage, and the impairment of innovation. They also threaten individual privacy and access to essential services.

??? This recently-released and updated #NIST framework bears repeating. It provides guidance to industry, government agencies, and other organizations — regardless of size, sector, or maturity — to reduce cybersecurity risks. It helps you understand, assess, prioritize, and communicate about those risks, and the actions that will reduce them, in 6 ways, as follows:

?

?? 1: GOVERN: Establish and monitor your cybersecurity risk management strategy, expectations, and policy.

??? Governance is cross-cutting and provides outcomes on how you will achieve and prioritize the outcomes of the other 5 Functions (below) in the context of mission and stakeholder expectations. This is critical for incorporating cybersecurity into your broader enterprise risk management strategy. It directs an understanding of organizational context; the establishment of cybersecurity strategy, and cybersecurity supply chain risk management; roles, responsibilities, and authorities; policies, processes, and procedures; and the oversight of cybersecurity strategy.

?

?? 2: IDENTIFY: Help determine the current cybersecurity risk to the organization.

??? Understanding your assets (e.g., data, hardware, software, systems, facilities, services, people) and the related cybersecurity risks enables you to focus and prioritize your efforts consistent with your risk management strategy and mission. It includes the identification of improvements needed to policies, processes, procedures, and practices supporting cybersecurity risk management to inform efforts under all 6 steps.

?

?? 3: PROTECT: Use safeguards to prevent or reduce cybersecurity risk.

??? Once assets and risks are identified and prioritized, you need to secure those assets to prevent or reduce the likelihood and impact of adverse events. This covers awareness and training, data security, identity management, authentication, access control, platform security (i.e., securing hardware, software, and services of physical and virtual platforms), and the resilience of technology infrastructure.

?

?? 4: DETECT: Find and analyze possible cybersecurity attacks and compromises.

??? This enables timely discovery and analysis of anomalies, indicators of compromise, and other potentially adverse cybersecurity events that may indicate that attacks and incidents are occurring.

?

?? 5: RESPOND: Take action regarding a detected cybersecurity incident.

??? This is the ability to contain the impact of incidents, including incident management, analysis, mitigation, reporting, and communication.

?

?? 6: RECOVER: Restore assets and operations impacted by an incident.

??? This is the timely restoration of normal operations and enable appropriate communication during recovery efforts.

?? PROFILES

??? You then need to establish 2 types of Profiles:

?

?? 1: Current Profile: Core outcomes that you are currently achieving (or attempting to achieve) and how or to what extent each outcome is being achieved.

?

?? 2: Target Profile: Desired outcomes that you selected and prioritized from the Core for achieving your cybersecurity management objectives. It takes into account anticipated changes to your cybersecurity posture, such as new requirements, new technology adoption, and cybersecurity threat intelligence trends.

?

Source: For full details, please see the full 52-page PDF, available free here: https://doi.org/10.6028/NIST.CSWP.29.ipd

? Thanks for Reading my QAIMETA for BUSINESS LinkedIn Newsletter. It's FREE and has 7,500+ “subscribers” – including CxOs globally. Please join them! (Switch on Newsletter Notifications to be Notified when each issue is published.)

?