NIST Cyber Security Framework: 4 Steps for CIOs Wall Street Journal (01/14/14) The National Institute of Standards and Technology (NIST) Cybersecurity Framework can help critical infrastructure providers better evaluate cybersecurity risks, says Carey Miller, a director with Deloitte & Touches Security and Privacy practice. The framework, which was developed in response to an executive order issued by President Obama last year, is designed to help critical infrastructure operators protect their assets from cyberattacks. According to Miller, the framework encourages organizations to look at cybersecurity risk across the people, process, and technology dimensions of their enterprises, just as they would with financial, safety, and operational risks. In order to achieve these goals, companies should conduct a self-assessment based on the five cybersecurity functions in the framework: identify, protect, detect, respond, and recover. This assessment also provides companies the opportunity to determine those parts of the framework they already have in place as well as those considered most important to implement. Companies should then build consensus to support adoption of the framework and focus continuously on reaching the frameworks adaptive standard. The framework defines an adaptive company as one that approaches cybersecurity in a way that is fully integrated with other business functions and makes changes based on existing data and predictive indicators. To help encourage adaptation, companies should also collaborate with other members of industry and government partners to share information on potential cyber risks.
Posted on: Fri, 17 Jan 2014 05:30:15 +0000
Trending Topics
Recently Viewed Topics
© 2015