NIST Cyber Security Framework for Critical Infrastructure
Cyber Security threats exploit the increased complexity and connectivity of critical infrastructure systems, putting the Nation’s security, economy, and public safety and health at risk.
NIST Cyber Security Framework V1.1, published in April 2018, is a flexible, risk-based approach designed to manage Cyber Security risk in organizations.
The framework basically consists of five functions as mentioned below:
Identify
Develop an organizational understanding to manage Cyber Security risk to systems, people, assets, data and capabilities.
Example:
Asset Management, Risk Assessment, Risk Management, Governance
Protect
Develop and implement appropriate safeguards to ensure delivery of critical services.
Example:
Identity Management and Access Control, Awareness and Training, Data Security practices, Maintenance etc.
Detect
Develop and implement appropriate activities to identify the occurrence of a Cyber Security event. The Detect Function enables timely discovery of Cyber Security events.
Example:
Anomalies and Events, Security Continuous Monitoring and Detection Processes.
Respond
Develop and implement appropriate activities to take action regarding a detected Cyber Security incident.
Example:
Response Planning, Communications, Analysis, Mitigation and Improvements.
Recover
Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a Cyber Security incident.
Example:
Recovery Planning, Improvements and Communications.
How to Use the Framework
An organization can use the Framework as a key part of its systematic process for identifying, assessing, and managing Cyber Security risk. The Framework is not designed to replace existing processes; an organization can use its current process and overlay it onto the Framework to determine gaps in its current Cyber Security risk approach and develop a roadmap to improvement. Using the Framework as a Cyber Security risk management tool, an organization can determine activities that are most important to critical service delivery and prioritize expenditures to maximize the impact of the investment.
The Framework is designed to complement existing business and Cyber Security operations. It can serve as the foundation for a new Cyber Security program or a mechanism for improving an existing program. The Framework provides a means of expressing Cyber Security requirements to business partners and customers and can help identify gaps in an organization’s Cyber Security practices.
Below are the basic steps to improve Cyber Security and implement the Framework across the organization.
Step 1: Prioritize and Scope
Step 2: Orient
Step 3: Create a Current Profile
Step 4: Conduct a Risk Assessment
Step 5: Create a Target Profile
Step 6: Determine, Analyze, and Prioritize Gaps
Step 7: Implement Action Plan
Below is the Framework Core, highlighted for reference. To make it easier to understand, each component of the Framework Core is given a unique identifier such as ID.AM, PR.AC etc.
Reference:
https://doi.org/10.6028/NIST.CSWP.04162018
Thanks
-DR