According the US Department of Homeland Security, the national and economic security of the United States depends on the reliable functioning of its critical infrastructure, which includes the assets, systems, and networks, whether physical or virtual, so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, or national public health or safety.
To better address cybersecurity risk across all critical infrastructure sectors, Presidential Executive Order 13636, called for the development of a voluntary risk-based Cybersecurity Framework. The National Institute of Standards and Technology (NIST) was chosen to design the Cybersecurity Framework.
The NIST Framework for Improving Critical Infrastructure Cybersecurity uses business drivers to guide control activities. The framework enables organizations – regardless of size, degree of cybersecurity risk, or cybersecurity sophistication – to apply the principles and best practices of risk management to improve security and business resilience.
The Framework Core consists of five concurrent and continuous process-driven security domains:
When considered together, these functions provide a high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk.
Sage’s NIST Cybersecurity Resilience Assessment is designed to provide organizational context for cybersecurity risk and the processes in place to manage that risk. The outcome of the assessment will include identified gaps against the framework’s objectives, the cybersecurity risk posed by those gaps, as well as a roadmap to close those gaps in order to increase maturity in each of the framework’s five functional areas.
The outcome of the Sage’s NIST Cybersecurity Resilience Assessment includes:
There is no single, straight path that will get you to the point where you can say, “We did it! We’re 100% cyber-secure.”
A more realistic destination is cyber resiliency – the ability to prepare for and adapt to changing conditions, so you can withstand and recover rapidly from disruptions. Achieving cyber resilience depends on what we like to call the cybersecurity lifecycle – an ongoing cycle of interconnected elements that compliment and reinforce one another.
Are you struggling to find the time to effectively monitor your network for potential threats? Let nDiscovery do the detective work for you! We translate generic threat data into specific actionable intelligence – cutting through the noise so you can focus on what is truly important.