Implementation of the National Institute of Standards and Technology (NIST) cyber security framework should be every company's first line of defence.
This was the word from Brett Skinner, security sales manager at Micro Focus SA, speaking at the ITWeb Security Summit 2019 in Sandton, yesterday.
Discussing effective breach defence strategies and the advantages of basing an organisation’s enterprise security strategy on a broader framework, Skinner explained that security frameworks provide a common lexicon to consider internally, helping to safeguard the use of critical infrastructure, while limiting the chances of a security breach.
“A solid cyber security framework helps organisations to validate the controls and processes already in place, and identify which areas require more investing to improve security, technology, people or processes. The NIST framework consists of standards, guidelines, and best practices to manage cyber security threats, which exploit the increased complexity and connectivity of critical infrastructure systems,” explained Skinner.
Established by the US government in 2014, the NIST Cyber Security Framework provides a policy framework of cyber security guidance on how organisations can assess and improve their ability to prevent, detect, and respond to cyber attacks.
The framework focuses on using business drivers to guide cyber security initiatives and considers cyber security risks as part of the organisation’s risk management processes.
While it is a policy established by the US, other governments and organisations across the globe have also adopted this policy to enhance the security and resilience of their critical infrastructure and to maintain a cyber environment that encourages efficiency, promotes safety and security, business confidentiality, privacy, and civil liberties.
“The odds of getting struck by lightning are 1 in 960 000, while the odds of dating a millionaire are 1 in 220 people, but the odds of experiencing a data breach are one in four people. And experiencing a cyber breach is not a matter of ‘if’, it’s a matter of ‘when’.
“Cyber security threats exploit the increased complexity and connectivity of critical infrastructure systems, placing an organisation at risk. Similar to financial and reputational risk, cyber security risks affect a company’s bottom line, driving up costs and impacting revenue,” he pointed out.
NIST implementation elements
Skinner highlighted the five key elements of the NIST framework – identify, protect, detect, respond and recover.
“Firstly, organisations must identify what type of business they’re in, and where things lie within the business units. How important is your data and what exactly is at risk? Protection is about protecting your point products, which can be done in various ways such as identity management technologies, access management technologies or other types of security technologies.”
“Detection is about making sure you are doing all the right things, by using a monitoring platform to detect anomalies and events. Response takes place once the organisation has identified an issue or a breach. Lastly, the recovery phase is about how we communicate – response planning, analysis of the situation, mitigation and future improvements.”
In the case of a security breach incident, Skinner stressed the importance of notifying affected parties.
In terms of limiting the impact of a security breach, he noted the value of understanding the current state of the organisation, which allows for better planning and prioritisation.
“Assessing where the risks are in the environment, seeking out and eliminating vulnerabilities, keeping everything patched and updated. This doesn’t just apply to operating systems but also applications, databases and other systems.
“From a solution perspective, application security is of utmost importance – this includes scanning code for vulnerabilities that may be introduced as well as service and endpoint management,” concluded Skinner.