NIST Cybersecurity Framework

Overview of Cybersecurity

  • Definition: Cybersecurity refers to the practices and measures taken to secure computers and programs against threats and vulnerabilities.

Five Basic Functions of Cybersecurity (NIST Framework)

The National Institute of Standards and Technology (NIST) has developed a framework that groups cybersecurity tasks into five fundamental functions:

Identify
  • Purpose: This function emphasizes the importance of developing security policies and capacities.

  • Key Tasks:

    • Evaluate risks, threats, and vulnerabilities within the system.

    • Recommend appropriate security controls to mitigate identified risks.

Protect
  • Purpose: In this stage, organizations focus on safeguarding their IT assets.

  • Key Tasks:

    • Develop, install, operate, and retire IT hardware and software assets.

    • Emphasize security as a crucial requirement throughout every stage of the asset lifecycle.

Detect
  • Purpose: This function involves continuous monitoring.

  • Key Tasks:

    • Perform ongoing and proactive monitoring to guarantee that existing security controls are effective.

    • Ensure that measures can defend against emerging types of threats.

Respond
  • Purpose: This function focuses on responding to security incidents.

  • Key Tasks:

    • Identify and analyze security breaches.

    • Contain and eliminate threats to systems and data security.

Recover
  • Purpose: This function entails restoring systems post-incident.

  • Key Tasks:

    • Restore systems and data if other controls fail to prevent attacks.

CIA Triad

  • Definition: The CIA Triad is a fundamental model in cybersecurity that encompasses three core components:

    • Confidentiality: This component represents the fundamental goal of security, which is to ensure that sensitive information and communications remain private and are protected from unauthorized access.

Application of NIST Framework

  • The NIST framework provides a structured approach that organizations can actively apply to improve their cybersecurity posture, and it guides the work their employees do to enhance security measures.