Why using the NIST Framework is like flossing your teeth

Kevin Gritsch, Pax8 Director of Solution Engineering

The NIST Framework is good hygiene for your cybersecurity measures.

Meet The NIST Framework

The National Institute of Standards and Technology (NIST) developed the Cybersecurity Framework (CSF) to complement and support a company’s existing risk management process and cybersecurity program. It is voluntary and does not replace the controls you already run; it gives you a common language for deciding which ones you need.

The NIST Framework Core is made up of five Functions: Identify, Protect, Detect, Respond, and Recover. (That is the structure of CSF 1.1, which this article follows; CSF 2.0, published in 2024, adds a sixth Function, Govern.) Each Function is broken down into Categories and Subcategories that describe desired outcomes rather than specific products or controls. Together, they can give you a clearer picture of where your current cybersecurity processes stand, what you can do to improve them, and what steps you need to take to get where you want to be. According to NIST, “The [Framework] Core is not a checklist of actions to perform. It presents key cybersecurity outcomes identified by stakeholders as helpful in managing cybersecurity risk.”

Identify: What’s My Current Situation?

It’s hard to make changes — or even know what changes to make — without taking a clear look at your situation.

As you start reviewing all the departments and other aspects of your company, ask yourself whether your current processes can meet your business needs. Activities to “identify,” or assess, your current cybersecurity situation and areas of weakness include:

• Asset management – do you have a current inventory of the hardware, software, data, and accounts you manage for yourself and for your clients, and do you know which of them matter most?
• Risk assessment – what threats and vulnerabilities apply to your line of business, and how likely and how damaging is each one?
• Risk management strategy – which risks are you willing to accept, and which must be mitigated, avoided, or transferred? Who decides?
• Governance – which policies, laws, regulations, and contractual obligations govern how you run your business, and who is responsible for meeting them?
• Business environment – who are your business partners, suppliers, and clients, what do you depend on them for, and what do they depend on you for?

Protect: Adding Safeguards

Once you have a clear picture of your current position, you’ll have a better idea of how you can protect your business against incoming attacks.

For example, if your staff lacks training on how to recognize phishing attacks, ongoing security awareness training is a safeguard you will want to put in place. Other safeguards you might implement, depending on the areas of weakness you identified, include:

• Identity management and access control (unique accounts, multi-factor authentication, least-privilege access)
• Awareness and training
• Data security (encryption at rest and in transit, backups, data handling rules)
• Information protection processes and procedures (configuration baselines, change control, backup and recovery procedures)
• Maintenance (timely patching and controlled remote access for support)
• Protective technology (logging, endpoint protection, network segmentation)

Detect: When Something Isn’t Right

When it comes to your network, you must be able to tell when a cybersecurity issue arises. Do you have the software in place to identify malware? Do you collect and review the logs that would show an unusual login or an unexpected change? Is your staff trained to be on the lookout for suspicious links and emails, and do they know how to report them?

Detecting problems early is what lets you stop them before they snowball out of control and you end up losing or leaking sensitive data. Activities under the “Detect” Function include:

• Anomalies and events – spotting unusual activity and understanding its potential impact
• Security continuous monitoring – monitoring systems, networks, and personnel activity on an ongoing basis, not just during an audit
• Detection processes – defining who is alerted, how quickly, and what they do next, and testing that the process actually works

Respond: Now What?

Okay, despite all your efforts, something bad happened. Now what? How do you respond?

For example, you detected a malware infection, isolated and shut down the affected system to contain it, and later restored it from backup. Shutting the system down is the response; the restore is recovery (see the next Function). A practical caveat: before restoring, confirm that the backup predates the infection and is not itself compromised, or you will simply reintroduce the problem. Now that you have experienced how long it actually takes you to restore data, you decide that you want a faster backup system. It will cost more, but you will have less downtime.

Other “Respond” activities for cybersecurity incidents include:

• Response planning – having a written plan and executing it when an incident occurs
• Analysis of the incident – understanding what happened, what was affected, and whether it is really over
• Mitigation – containing the incident and limiting the damage
• Improvements – updating processes and procedures based on what you learned
• Communications – keeping stakeholders, staff, clients, and, where required, regulators and law enforcement informed about the incident

Recover: Fix What’s Broken

After a cybersecurity incident, you need to bring your systems and services back online as quickly as possible. The “Recover” Function of the NIST Framework helps your business plan for resilience and restore impaired capabilities, reducing the lasting impact of an attack. Activities under “Recover” include:

• Recovery planning – creating a recovery plan if you do not already have one, and exercising it so you know how long a restore really takes
• Improvements – updating the recovery plan and the systems it depends on based on lessons learned
• Communications – getting employees and clients on the same page about the recovery process and managing public relations and reputation

Applying the NIST Framework

The NIST Framework is all about risk assessment and risk management. Your business can use it to determine how likely it is that an event will occur, what the potential impacts on your company and your clients would be, and how you will respond. Since every MSP is different, how you choose to handle each risk is up to you: some partners prefer to mitigate a risk, others avoid the activity that creates it, others transfer it (for example, through cyber insurance or contract terms), and still others accept it. What matters is that the choice is deliberate, documented, and revisited as your business changes.

Pax8 can help with assessing, determining, and supporting your cybersecurity needs.
