Home / CYBER CRIME / The NIST Cybersecurity Framework Revisited
MYICT-WEB-PAGE

The NIST Cybersecurity Framework Revisited

MYICT-WEB-PAGEIn February 2014 the National Institute of Standards and Technology (NIST) issued a new set of cyber security guidelines designed to help critical infrastructure providers better protect themselves against attacks.

The framework was the result of an executive order issued by President Barack Obama in 2013 to establish a set of voluntary cyber security standards for critical infrastructure companies. One year later, has the NIST Cybersecurity Framework had any measurable impact on improving cyber resilience or was it just smoke and mirrors as many opponents predicted at the time?

The NIST Cybersecurity Framework was born out of the realization that cyber-attacks represent one of the most serious economic and national security threats our nation faces. The framework offers:

• A set of activities to anticipate and defend against cyber-attacks (the “Core”)

• A set of measurements to assess to what degree an organization has implemented the core activities and benchmark how prepared they are to protect systems against an attack (the “Implementation Tiers”)

• A “Profile” that can be used to identify opportunities for improving an organization’s cyber security posture by comparing a current profile with a target profile.

In addition, the NIST Cybersecurity Framework includes a comprehensive collection of so-called Informative References, which are specific sections of standards, guidelines, and practices common among critical infrastructure sectors.

By assembling all these data points in a single repository, the government provided a common nomenclature and methodology to help less advanced organizations assess their level of security preparedness and benchmark themselves. In this regard, the NIST Cybersecurity Framework was a good first step towards creating a standardized approach to cyber security. However, it became immediately apparent at the time of its release that the framework required many substantial updates before it could really help improve the nation’s cyber resilience. It’s not surprising that, despite some anecdotal evidence presented to a Senate committee at a February 4th hearing, there has been no measurable proof that using the framework can help prevent cyber-attacks.

Ultimately, the NIST Cybersecurity Framework provides some valuable building blocks for implementing better cyber security practices, but is not a silver bullet for preventing cyber-attacks and data breaches. It’s important to understand that guidelines and regulations are static by nature and therefore cannot evolve to detect and mitigate morphing threats. Meanwhile, regulatory compliance moves far too slowly to keep up with cyber-attackers. Guidelines can also expose holes in proposed measures, which attackers can use as a blueprint for their attack strategy.

Ultimately, proper security measures and best practices are just one part of the solution. One of the biggest challenges for organizations is managing the sheer volume, velocity, and complexity of data feeds that must be analyzed, normalized, and prioritized to even stand a chance of detecting a cyber-attack. The Target breach was a good example. Although the best-of-breed technology in place was able to detect the intrusion early on, the alerts were buried in a sea of data which prevented the security team from connecting the dots and responding in a timely fashion. Instead, a third-party reported the stolen data being posted on the Internet and exposed the breach.

Without data automation it can take months and even years to perform big data risk analysis and piece together an actionable security assessment. Findings ways to use technology to overcome the lack of human resources needed to extract intelligence from security feeds and respond in a timely fashion should remain a focal point for organizations.

In this context, the NIST Cybersecurity Framework is an important building block, but still just the first step towards implementing operationalized defenses against cyber security risks.

By Torsten George

FacebookTwitterGoogle+Share

About adibsaani

Check Also

malware_keyboard_idg-100311220-primary_idge

The Top 15 Countries for Safe Data Storage

​Switzlerand and Singapore are the respective best and second best nations on earth for safe …

41 comments

  1. Hello! Someone inside my Myspace group shared this website with us so I arrived at have a style.
    I’m definitely loving the details. I’m book-marking
    and will also be tweeting this to my followers!
    Excellent blog and amazing style and design.

    Also visit my site MajorTTarzia

  2. Good day! This is my first comment here so I just wanted
    to give a quick shout out and tell you I truly enjoy reading
    your articles. Can you suggest any other blogs/websites/forums that go over the same subjects?
    Appreciate it!

    my web page :: MarenJFravel

  3. It’s really very complex in this particular busy life to listen news on TV, therefore I just use internet for
    the purpose, and get the latest news.

    Also visit my site – YongGWhite

  4. Great post! We are going to be linking to this
    particularly great content on our site. Keep up to date the best writing.

    Feel free to surf to my site – LeonardBSrey

  5. Oh my goodness! Impressive article dude! Thanks a lot, However I am just dealing with
    troubles with your RSS. I don’t know why I can’t join it.
    Will there be anybody having identical RSS problems? Anybody that knows the answer is it possible
    to kindly respond? Thanx!!

    Here is my blog; IveyMBarda

  6. It’s a pity you don’t have got a donate button! I’d undeniably donate
    to this excellent blog! I guess for now i’ll be satisfied with bookmarking and adding your
    Feed to my Google account. I look ahead to new updates and may share this site with my Facebook group.
    Talk soon!

    Here is my web site: DaveDGioia

  7. I simply couldn’t depart your website before suggesting
    that I extremely loved the conventional info a person provide in your guests?
    Is likely to be again incessantly to take a look at new posts

    Also visit my blog :: DwightTKnoth

  8. Its like you read my mind! You appear to know a
    lot about this, like you wrote the book in it or something.

    I think that you can do with a few pics to drive the message home a little bit, but other than that, this is
    magnificent blog. An excellent read. I’ll certainly be back.

    Look at my homepage … JeremyTAprea

  9. I appreciate, lead to I found exactly what I used to be having a look for.
    You have ended my 4 day long hunt! God Bless you man. Have
    a great day. Bye

    Stop by my homepage: ToniTCurtiss

  10. Should you desire to increase your experience simply keep visiting this website and stay updated
    with all the newest information posted here.

    Also visit my webpage; MarioERimm

  11. Hey! This is my first trip to your blog! We have been a team
    of volunteers and starting a new project inside a community in the same
    niche. Your site provided us valuable information to be effective on. You might have done a outstanding job!

    My webpage; DarwinIMohre

  12. Do you have a spam issue on this website; I also am a blogger, and
    I was wanting to know your situation; many of us have created
    some nice methods and we are looking to swap strategies with others, be sure to shoot me
    an email if interested.

    Feel free to surf to my page; EmmyLGerster

  13. With havin a lot content do you ever come across any problems of plagorism
    or copyright violation? My website has a lot of completely unique
    content I’ve either created myself or outsourced but
    it really appears like a variety of it is popping it everywhere in the internet without my authorization. Have you any idea any methods to help reduce content from being scammed?
    I’d truly appreciate it.

    Take a look at my web site; MauriceWVita

  14. When someone writes an part of writing he/she maintains the thought of the user in his/her mind that the way a user can be familiar with it.
    Therefore that’s why this post is great. Thanks!

    Feel free to visit my site :: MartinNClune

  15. Excellent website you’ve got here.. It’s difficult to find high-quality writing like yours nowadays.
    I honestly appreciate individuals as if you!

    Take care!!

    My web-site :: MonnieMSledz

  16. Hello, i feel which i saw you visited my site so i came to go back the
    favor?.I’m attempting to to get issues to improve my site!I assume its ok to work with a
    number of your concepts!!

    my homepage … CarolWMuyres

  17. I visited several sites except the audio feature for audio songs current at
    this particular site is genuinely marvelous.

    Here is my web page: BokCCarignan

  18. Good info. Lucky me I ran across your web site unintentionally (stumbleupon).
    I actually have book marked it for later!

    Also visit my weblog :: JaimeASobran

  19. I read through this paragraph completely concerning the
    difference of most updated and earlier technologies, it’s amazing article.

    Feel free to surf to my blog NildaZAdamos

  20. Hey! This post could not be written any better! Reading this post reminds me of my
    previous room mate! He always kept talking about this.
    I will forward this page to him. Pretty sure he will have a good read.
    Many thanks for sharing!

    Also visit my web blog: AhmedDLoparo

  21. Hi there! This blog post couldn’t be written any better!
    Looking through this article reminds me of my previous roommate!

    He always kept preaching about this. I will forward this post to him.
    Fairly certain he’s planning to have a great read.
    Thank you for sharing!

    my web-site; RonKAntrican

  22. I’m extremely impressed together with your writing skills as well as
    with all the layout on your blog. Is this a paid theme
    or did you modify it yourself? Anyway keep up to date the
    excellent quality writing, it’s rare to view a great blog this way one today.

    My site; KenORathmann

  23. May I simply just say what a relief to find someone who really knows what they are discussing on the net.
    You definitely realize how to bring an issue to light and make it important.
    A lot more people really need to look at this and understand this side of
    your story. I was surprised that you’re not more popular because you certainly possess the gift.

  24. Wow that was odd. I just wrote an incredibly long comment but after I clicked submit my comment didn’t appear.
    Grrrr… well I’m not writing all that over again. Anyways, just wanted to
    say great blog!

    my web blog – JordanASpahn

  25. Hi there! This article couldn’t be written any better!
    Experiencing this post reminds me of my previous roommate!

    He constantly kept preaching about this. I most definitely will send this
    post to him. Sure he’ll have got a good read. I appreciate you sharing!

    my website :: PazOSrader

  26. I understand this if off topic but I’m looking at starting
    my weblog and was wondering what all is required to get set up?
    I’m assuming possessing a blog like yours would cost a
    pretty penny? I’m not too web smart so I’m not 100% positive.
    Any tips or advice will be greatly appreciated. Appreciate
    it

    my site AnnisHAttles

  27. This post is truly a fastidious one it assists new internet
    viewers, who are wishing for blogging.

    Feel free to surf to my web page HungDLatassa

  28. Hi there colleagues, pleasant paragraph and fastidious urging commented here, I am actually enjoying by these.

    My web page … MilesUSedler

  29. Greetings from L . a .! I’m bored to tears at work and
    so i made a decision to have a look at your website in my iphone during lunch break.
    I love the info you provide here and can’t wait to have a look after i go back home.

    I’m shocked at how fast your blog site loaded in my phone ..
    I’m not actually using WIFI, just 3G .. Anyhow, fantastic site!

    Stop by my site: FannyJGundry

  30. Wonderful site you have here but I was wondering if you knew of any discussion boards that cover the same topics talked about
    here? I’d really like to be a part of online community where I can get suggestions from
    other knowledgeable individuals that share the
    same interest. If you have any recommendations,
    please let me know. Many thanks!

    my website GordonWBurdi

  31. Good post. I learn something new and challenging on websites I stumbleupon on a daily
    basis. It’s always useful to read through content from other writers
    and practice something from their websites.

    Look at my webpage … ArtFHatlee

  32. fantastic put up, very informative. I wonder why the opposite experts of this sector don’t understand
    this. You should continue your writing. I am sure,
    you might have a tremendous readers’ base already!

    Here is my web page: JamisonZBeyt

  33. I think everything typed made a lot of sense.
    However, think about this, suppose you added a little content?
    I ain’t saying your information is not solid, but what if you added a title that makes people want more?
    I mean The NIST Cybersecurity Framework Revisited | is kinda boring.
    You should look at Yahoo’s home page and note how they write article titles to grab people interested.
    You might try adding a video or a related picture
    or two to get readers interested about what you’ve got to say.
    Just my opinion, it could make your website a little livelier.

  34. Howdy, I believe your online site could be having browser
    compatibility problems. After I take a look at
    site in Safari, it appears fine however, when opening in IE, it
    provides some overlapping issues. I simply planned
    to give you a quick heads up! Other than that, wonderful site!

    Feel free to surf to my homepage LelaZCrewe

  35. I always emailed this webpage post page to any or all my
    contacts, since if prefer to read it next my contacts will
    too.

    Also visit my web site DennyGGustis

  36. Hi there! This is kind of off topic but I need some advice from an established
    blog. Is it very hard to set up your own blog? I’m not very techincal but I can figure
    things out pretty fast. I’m thinking about creating my own but I’m not sure where
    to begin. Do you have any points or suggestions? With thanks

    Here is my page: OletaFPluhar

  37. hey there and thank you for your info – We have definitely acquired something
    new from below. I did so however expertise several technical
    issues by using this internet site, as I experienced to reload the site many times
    previous to I could possibly have it to load correctly.
    I had been wondering in case your hosting is OK? Not really that I am complaining,
    but sluggish loading instances times will very
    frequently affect your placement in google and could damage your quality
    score if ads and marketing with Adwords. Well I am just adding this RSS to
    my e-mail and could watch out for much a greater portion of your respective fascinating content.
    Make certain you update this again soon.

    Here is my web-site PerryEPelham

  38. Wow, this post is fastidious, my younger sister is analyzing most of these things, so I will inform her.

    Here is my weblog … KyraXJuckett

  39. Excellent blog you’ve got here.. It’s hard to find excellent writing
    like yours nowadays. I seriously appreciate individuals as if you!
    Be cautious!!

    my weblog; YettaXPouche

  40. Remarkable things here. I’m very happy to see your post.

    Thank you a lot and I am having a look ahead to touch you.
    Will you please drop me a mail?

    my weblog :: OlenMRenee

  41. Wonderful article! We will be linking to this particularly great content on our website.

    Keep up the good writing.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>