Page 55 - Cyber Warnings
P. 55
some emergency treatment. The framework is a great base to help you establish new targets
and identify areas that need improvement.
In just two years NIST’s Cybersecurity Framework reached 30% adoption and that’s set to grow
to 50% by 2020, according to Gartner. The more organizations adopt the framework and share
their successes and failures, the stronger the collective grows. Widespread adoption also
sparks the creation of automated tools and processes.
Flexible approach you can measure
Because cybercriminals are constantly working on new avenues of attack, it’s vital to continually
improve your defensive efforts. That’s why the constantly evolving framework takes a risk-based
approach that’s focused on general principles.
The Framework Core addresses five functions: Identify, Protect, Detect, Respond, and
Recover. This isn’t a list to tick off as you work through it, but rather a set of functions that
should be continually and concurrently addressed for a healthy cybersecurity strategy.
There are four Framework Implementation Tiers that are designed to aid organizations in
moving from general reactive responses to threats to a more risk-informed strategy. This
involves careful consideration of probable threats, legal and regulatory requirements,
organizational constraints, and business goals.
The incredibly useful Framework Profile enables companies to uncover the differences
between their current approach and their target goals for security. Once fully configured, it can
accommodate an organizations goals for security balanced against their business needs and
cost effectiveness.
This is just a brief overview, but you can see that the framework is easily adaptable to any
industry. It offers a real opportunity to gain a big picture of your cybersecurity efforts, work
towards improving them, and assess your success as you go. The battle against cybercrime is
more of a race. You can’t implement a set of security guidelines and be done, you need to be
proactive and work with others to ensure you stay out in front and that’s exactly what NIST’s
Cybersecurity Framework is all about.
About the Author
Michelle Drolet is CEO of Towerwall, a data security services provider in
Framingham, MA with clients such as Becker College, Middlesex Savings
Bank and Smith & Wesson. She enjoys reseller partnerships with leading
security vendors such as AlienVault, Sophos, Websense, Qualys and
others. She can be reached at [email protected] or online at
www.towerwall.com.
55 Cyber Warnings E-Magazine – July 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
