Looking at the NIST Cybersecurity Framework

The Biden administration has taken several steps in recent months to bolster cybersecurity in the United States. In May, President Biden signed an executive order aimed at strengthening the protection of computer networks and systems in the federal government and across the country. Then in August, the administration tasked the National Institute of Standards and Technology (NIST) with producing a new cybersecurity framework.


What Is the NIST Cybersecurity Framework?


The NIST framework consists of three components: the Core, Implementation Tiers, and Profiles. The Core lists the cybersecurity outcomes an organization should achieve, the Tiers describe how rigorously it manages cybersecurity risk, and Profiles align those outcomes with its business requirements, risk tolerance, and resources.


The Core


The Framework Core has five functions. The first, Identify, encourages organizations to identify their critical systems, assets, and data, and the risks to them. Knowing which systems are critical lets you prioritize risk management efforts where an incident would hurt most.


Second, the Protect function helps organizations focus their cybersecurity efforts on proactive safeguards such as access control, awareness training, data security, and protective technology. Instead of reacting only after an attack, you put controls in place ahead of time to prevent an attack from succeeding, or to limit its impact when it does.


Third, the Detect function helps you develop the means to notice threats and weaknesses in your systems in a timely way, so that you can catch an incident before it escalates. The Detect function comprises three categories: Anomalies and Events, Security Continuous Monitoring, and Detection Processes.
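To make the Detect function concrete, here is an added example that is not part of the original post: a minimal detection process that continuously monitors authentication logs, flags an anomaly (a burst of failed logins from one source inside a short window), and raises a higher-severity event when a success follows that burst, which is the kind of finding the Respond function would then pick up. The log lines, the 60-second window, and the threshold of five failures are constructed for illustration and are assumptions, not values from NIST or the page.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (sshd-style, not taken from the original page).
# Source 203.0.113.7 fails five times in six seconds and then succeeds;
# source 198.51.100.4 fails twice, ten minutes apart, then succeeds.
SAMPLE_LOG = """\
2021-09-01T10:00:01 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
2021-09-01T10:00:03 sshd[1202]: Failed password for root from 203.0.113.7 port 51235 ssh2
2021-09-01T10:00:04 sshd[1203]: Failed password for root from 203.0.113.7 port 51236 ssh2
2021-09-01T10:00:06 sshd[1204]: Failed password for root from 203.0.113.7 port 51237 ssh2
2021-09-01T10:00:07 sshd[1205]: Failed password for root from 203.0.113.7 port 51238 ssh2
2021-09-01T10:00:09 sshd[1206]: Accepted password for root from 203.0.113.7 port 51239 ssh2
2021-09-01T10:05:00 sshd[1210]: Failed password for alice from 198.51.100.4 port 40001 ssh2
2021-09-01T10:15:00 sshd[1211]: Failed password for alice from 198.51.100.4 port 40002 ssh2
2021-09-01T10:15:30 sshd[1212]: Accepted password for alice from 198.51.100.4 port 40003 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def parse(line):
    """Parse one auth log line into a dict, or return None for lines we do not monitor."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        "ts": datetime.fromisoformat(m["ts"]),
        "outcome": m["outcome"],
        "user": m["user"],
        "src": m["src"],
    }


def detect(log_text, threshold=5, window=timedelta(seconds=60)):
    """Sliding-window anomaly detection per source address.

    Emits a medium-severity event the first time a source accumulates
    `threshold` failures inside `window`, and a high-severity event if
    that same source later authenticates successfully. The threshold and
    window are illustrative assumptions; tune them to your environment.
    """
    failures = defaultdict(deque)   # src -> timestamps of recent failures
    flagged = set()                 # sources already reported for a burst
    events = []
    for line in log_text.splitlines():
        ev = parse(line)
        if ev is None:
            continue
        recent = failures[ev["src"]]
        if ev["outcome"] == "Failed":
            recent.append(ev["ts"])
            # Drop failures that fell out of the window.
            while recent and ev["ts"] - recent[0] > window:
                recent.popleft()
            if len(recent) >= threshold and ev["src"] not in flagged:
                flagged.add(ev["src"])
                events.append({
                    "severity": "medium",
                    "type": "auth_failure_burst",
                    "src": ev["src"],
                    "count": len(recent),
                    "at": ev["ts"],
                })
        elif ev["src"] in flagged:
            # A success after a burst is the case the Respond function must act on.
            events.append({
                "severity": "high",
                "type": "success_after_burst",
                "src": ev["src"],
                "user": ev["user"],
                "at": ev["ts"],
            })
    return events


if __name__ == "__main__":
    for e in detect(SAMPLE_LOG):
        print(e)
```

Run against the constructed log the detector produces two events for 203.0.113.7 (the burst, then the successful root login) and none for 198.51.100.4, whose two failures are too far apart to count as an anomaly. The point of the Detect function is exactly this separation: continuous monitoring feeds a defined detection process, and only events that match the process are escalated.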


When you detect a cybersecurity incident, you must respond. The Respond function guides how you react: planning the response, communicating with stakeholders, analyzing what happened, mitigating and containing the incident, and feeding the lessons learned back into your plans.


Finally, even after you have handled an incident, systems and services may have been impaired. The Recover function helps you plan for and restore those capabilities, coordinate recovery with internal and external parties, and improve your recovery plans based on what you learned.


Implementation Tiers


Tier 1 (Partial) is an ad hoc approach to cybersecurity. Risk management at this tier is reactive rather than proactive, and awareness of cybersecurity risk across the organization is limited.


Tier 2 (Risk Informed) is when you start to take a formal approach to cybersecurity. In this tier, management recognizes the importance of cybersecurity and approves risk management practices, although they may not yet be established as organization-wide policy, and employees are given the tools to carry out cybersecurity procedures should the need arise.


Tier 3 (Repeatable) is when cybersecurity management becomes more mature. Here your risk management practices are formally approved as policy, and you regularly update them in line with changes in business needs and the threat landscape. At this tier you also have a process for communicating and collaborating with external partners.


Tier 4 (Adaptive) is the final tier, in which your organization continuously adapts its cybersecurity practices. At this tier you have learned from past incidents and from predictive indicators, and you use those lessons to strengthen your systems. Employees are equipped with the knowledge to address cybersecurity issues themselves, and a healthy cybersecurity culture is part of how the organization operates.


Framework Profiles


The goal of Framework Profiles is to help organizations balance business needs, resources, and cybersecurity risk management. A Profile selects the Core outcomes that matter for your organization; comparing a Current Profile (what you do today) against a Target Profile (what you want to achieve) gives a clear picture of your business's strengths and weaknesses, so that you can build processes that harness the strengths and close the gaps in priority order.


By: Alex O’Reilly

Amanda Adams