Protect Your Organization with Improved Incident Response
A well-planned incident response capability can protect your organization from external and internal threats, no matter where work takes place.
On April 16, 2018, the National Institute of Standards and Technology (NIST), released updates to their Cybersecurity Framework (CSF) titled “Framework for Improving Critical Infrastructure Cybersecurity Version 1.1”...The updates work seamlessly with the original framework and are intended to be implemented by first time and current framework users.
On April 16, 2018, the National Institute of Standards and Technology (NIST), released updates to their Cybersecurity Framework (CSF) titled “Framework for Improving Critical Infrastructure Cybersecurity Version 1.1”. NIST began the update process in 2015 and, over the next couple years, they have updated the framework based on over 200 written comments and over 1,200 conversations.
NIST states in their Cybersecurity Fact Sheet, “This framework is designed to work for every size, sector or type of organization. It provides an approach to prioritize cybersecurity resources, make risk decisions, and take action to reduce risk. It enhances cybersecurity communication within an organization and with other organizations (such as partners, suppliers, regulators, and auditors) and helps organizations identify, manage, and assess cybersecurity risks.” The updates work seamlessly with the original framework and are intended to be implemented by first time and current framework users.
The framework is not intended to be a one-size-fits-all solution or a one-and-done concept. This framework should be utilized to enable the minimization of cybersecurity risks and to ensure that organizations are taking into account potential risk. It can be implemented in conjunction with current systems and processes, which allows the organization to determine gaps in its current cybersecurity risk approach and develop a roadmap to improvement. It can also be used as the foundation for a new cybersecurity program.
NIST has plans to release an additional supplementary document later this year titled, “The Roadmap For Improving Critical Infrastructure Cybersecurity”, which describes key areas of development, alignment, and collaboration.
LogicGate’s Controls and Standards Repository includes the latest version of the NIST Cybersecurity Framework. Each subcategory is captured in a record that lists the overall category and function that the subcategory falls under, as well as the associated informative references.
For many organizations, NIST CSF is not the only standard they want to align with. Often times, there are multiple other control frameworks and regulations with which the organization needs to comply. Thanks to LogicGate's graph database technology, each individual NIST CSF subcategory can easily be linked to other common frameworks and regulations (e.g., ISO 27001/ISO 27002, NIST 800-53, PCI DSS, COBIT 5). If your organization has its own unique internal controls, it’s just as easy to link those as well.
Additionally, LogicGate’s standard and controls assessment process can be used to facilitate assessments against the NIST Cybersecurity Framework to help your organization understand its current cybersecurity performance maturity. If your organization has a unique assessment methodology, the assessment process can be quickly modified using LogicGate’s drag-and-drop workflow builder to meet your custom requirements, making it easy to utilize the NIST CSF to manage your organization’s cybersecurity risks.
A well-planned incident response capability can protect your organization from external and internal threats, no matter where work takes place.
Risk Cloud Exchange is an ecosystem that is designed to inspire your risk program in Risk Cloud by giving you that holistic look into the…
LogicGate CEO Matt Kunkel, discusses the 6 biggest GRC trends that you should be prepared for in 2021.