Making the NIST Cybersecurity Framework Work For You
Why Should I Consider the NIST Cybersecurity Framework (NIST CSF)?
The NIST Cybersecurity Framework (NIST CSF) is a good fit for organizations that want to improve their information security maturity in a structured way. Other organizations adopt it because it maps cleanly onto compliance or governance requirements they already have to meet. NIST CSF 1.1 organizes an organization's security activities into five functions that are applied as a continuous cycle: Identify, Protect, Detect, Respond, and Recover.
Whatever the motivation, getting started is usually the hardest part. Applied to a complex environment all at once, the framework can seem overwhelming.
Where Do I Start?
Almost all information security frameworks start with asset management. You can’t secure devices you don’t know about! But asset management doesn’t have to be complete or perfect before moving through the framework.
Start with the assets you already know about and work with in your daily operations. For most organizations these are high-impact assets that exist in low numbers, such as servers, domain controllers, and firewalls. Asset management doesn't need to be complicated: it can start with a short, written list. In this post, we'll use firewalls as the example.
Breaking it down
After you’ve inventoried a category of assets, you can move through the framework and pick the tasks that will best secure it. This can be done by asking what-if questions and documenting the answers. Here are some examples:
Identify / Governance
Who manages the firewall, and how often? What are they allowed to change? What is the approval process for a change, and is the approver someone other than the person making it?
Protect / Access Control
Who can log into the firewalls, and with what level of access? What can they change (rules, configuration, logging)? Is administrative activity logged and monitored?
Protect / Maintenance
Who checks for and installs updates? Who reviews the release notes before an update is applied? How often is maintenance on the firewall performed?
Detect / Respond
How would an incident involving the firewall be detected (alerts, log review)? What is the response plan once an incident is detected, and who carries it out?
Recover
How are configuration backups taken, and has a restore from backup ever been tested? When a firewall goes down, who is notified and what is the process for getting it back online?
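The answers to the what-if questions above are most useful when they are written down in a form that can be checked again next quarter rather than once. As an added illustration (this is not code from the original post or from Sedara), the script below keeps the "short, written list" of firewalls as a CSV with one column per documented answer and runs a simple gap check per CSF function. The hostnames, people, dates and the policy thresholds (90 days between patches, 30 days between backups, at most three admin accounts) are all constructed assumptions; replace them with your own governance decisions.

```python
"""Minimal NIST CSF gap check over a firewall inventory (added example).

The inventory CSV, the people and hostnames in it, and the thresholds are
constructed for illustration; they are not from the original post.
"""
import csv
import io
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional, Tuple

# Constructed sample inventory: one row per firewall, one column per documented answer.
INVENTORY_CSV = """\
name,owner,change_approver,admins,admin_logging,last_patch,alerts_to,runbook,last_backup,restore_tested
fw-edge-01,netops,ciso,alice;bob,yes,2024-03-01,soc@example.org,yes,2024-03-20,yes
fw-dmz-02,,alice,alice;bob;carol;dave,no,2023-09-15,,no,,no
"""

# Assumed policy thresholds (hypothetical); adjust to your own governance decisions.
PATCH_MAX_DAYS = 90
BACKUP_MAX_DAYS = 30
MAX_ADMINS = 3
AS_OF = date(2024, 4, 1)  # reporting date used by the demo and the checks below


@dataclass
class Firewall:
    name: str
    owner: str                    # Identify: who is accountable for the asset
    change_approver: str          # Identify: who approves changes
    admins: List[str]             # Protect: accounts that can log in and change things
    admin_logging: bool           # Protect: is admin activity logged and monitored
    last_patch: Optional[date]    # Protect: maintenance
    alerts_to: str                # Detect: where alerts are routed
    runbook: bool                 # Respond: is there a documented response plan
    last_backup: Optional[date]   # Recover
    restore_tested: bool          # Recover: has a restore actually been exercised


def _yes(value: str) -> bool:
    return value.strip().lower() == "yes"


def _date(value: str) -> Optional[date]:
    return date.fromisoformat(value) if value.strip() else None


def load_inventory(text: str) -> List[Firewall]:
    """Parse the CSV asset list into Firewall records."""
    rows = csv.DictReader(io.StringIO(text))
    return [
        Firewall(
            name=r["name"],
            owner=r["owner"].strip(),
            change_approver=r["change_approver"].strip(),
            admins=[a for a in r["admins"].split(";") if a],
            admin_logging=_yes(r["admin_logging"]),
            last_patch=_date(r["last_patch"]),
            alerts_to=r["alerts_to"].strip(),
            runbook=_yes(r["runbook"]),
            last_backup=_date(r["last_backup"]),
            restore_tested=_yes(r["restore_tested"]),
        )
        for r in rows
    ]


def _stale(d: Optional[date], today: date, max_days: int) -> bool:
    """True when the date is missing or older than the allowed window."""
    return d is None or (today - d).days > max_days


def check_firewall(fw: Firewall, today: date) -> List[Tuple[str, str]]:
    """Return (CSF function, finding) pairs; an empty list means every check passed."""
    gaps: List[Tuple[str, str]] = []
    # Identify: ownership and change governance
    if not fw.owner:
        gaps.append(("Identify", "no named owner"))
    if not fw.change_approver:
        gaps.append(("Identify", "no change approver"))
    elif fw.change_approver in fw.admins:
        gaps.append(("Identify", "change approver is also an admin (no separation of duties)"))
    # Protect: access control and maintenance
    if len(fw.admins) > MAX_ADMINS:
        gaps.append(("Protect", f"{len(fw.admins)} admin accounts exceeds limit of {MAX_ADMINS}"))
    if not fw.admin_logging:
        gaps.append(("Protect", "admin activity is not logged"))
    if _stale(fw.last_patch, today, PATCH_MAX_DAYS):
        gaps.append(("Protect", f"no patch in the last {PATCH_MAX_DAYS} days"))
    # Detect and Respond
    if not fw.alerts_to:
        gaps.append(("Detect", "alerts are not routed to anyone"))
    if not fw.runbook:
        gaps.append(("Respond", "no documented response plan"))
    # Recover
    if _stale(fw.last_backup, today, BACKUP_MAX_DAYS):
        gaps.append(("Recover", f"no backup in the last {BACKUP_MAX_DAYS} days"))
    if not fw.restore_tested:
        gaps.append(("Recover", "restore from backup has never been tested"))
    return gaps


def gap_report(inventory: List[Firewall], today: date) -> Dict[str, List[Tuple[str, str]]]:
    return {fw.name: check_firewall(fw, today) for fw in inventory}


def demo_report() -> Dict[str, List[Tuple[str, str]]]:
    """Run the check over the constructed inventory as of AS_OF."""
    return gap_report(load_inventory(INVENTORY_CSV), AS_OF)


if __name__ == "__main__":
    for name, gaps in demo_report().items():
        print(name, "OK" if not gaps else f"{len(gaps)} gap(s)")
        for func, finding in gaps:
            print(f"  [{func}] {finding}")
```

With the constructed data, fw-edge-01 passes every check and fw-dmz-02 reports nine gaps spread across all five functions, which is the kind of per-asset, per-function view that makes the next round of work obvious. The separation-of-duties check (approver must not also be an admin) and the restore-tested flag are the two columns people most often forget to capture when they first write the list down.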
Want to know more about NIST CSF?
Check out this resource for more information about the NIST CSF version 1.1 and to access online learning resources!
Summary
It's easier to start on the NIST CSF by taking small steps: group assets into categories and document the operational processes you already have. Starting with high-impact, low-volume assets saves valuable time and makes the biggest difference to your organization's security posture.
How Sedara Can Help with the NIST Cybersecurity Framework
Sedara helps organizations implement the NIST CSF to improve their cybersecurity programs. Our team will take your information security maturity to the next level with proven methods and expertise.
Subscribe to Sedara Declassified to get timely updates on new and evolving threats – and what to do about them – just like our clients do.