March 12, 2014 By Pierre Gourdon 2 min read

Corporate and government leaders have been putting an increasing focus on the risks to our critical infrastructure by cyber-attacks. Industrial controls, once thought to be immune to these internet borne threats, are now clearly in the cross-hairs of new types of malware.

Responding to this growing risk, in 2013 the White House issued an executive order for a cybersecurity framework (CSF) to be created by the National Institute of Standards and Technology (NIST), providing guidance to organizations with critical infrastructure to help them manage cybersecurity risk. On February 12th 2014, Version 1.0 of the NIST Framework was released following months of drafting and comment involving both the public and private sector.  IBM was a significant contributor to this effort.

The NIST CSF framework provides guidelines, but it is not prescriptive. It does not tell you how to make the organization’s controls secure.  To do that, an organization needs to translate the guidelines into an actionable security program.

Four tips to a 5-star security program

Here are four points to consider:

  1. Establish your business objectives and set priorities for securing your critical infrastructure. Consider your business objectives and your level of risk tolerance based on the unique needs of your organization. Step inside the shoes of a cyber-attacker and take a look at your company’s information and business critical systems from their point of view, asking how an attacker could do the most damage.
  2. Assess your current readiness for a sophisticated attack. The threat model is evolving and your organization must ensure that it has the resources and tools necessary to identify and stop an attack, determine what was compromised, and begin the remediation process. Leverage the NIST framework to ensure that you are taking a holistic view in assessing your capabilities.
  3. Develop a proactive security plan to protect your organization that aligns to your business objectives. Identify how you can collect and leverage security intelligence to enhance your readiness and responsiveness.  Security intelligence and analytics tools can actively monitor and correlate data activity across multiple security technologies, offering you the visibility and insight into what’s going on in your environment—to help you spot and investigate the kind of suspicious activity that could indicate an attack is underway.
  4. Make sure your security program has clearly defined ownership and leadership assigned across critical business areas. Rapid response is critical when an incident occurs and having in place an effective governance structure with well-defined communication processes will help to minimize the potential damage.

Taking this journey is more effective if you have a knowledgeable guide.

To use an analogy: the NIST CSF is like a cookbook that provides the recipe, the ingredients and general instructions on how to assemble the ingredients, but it takes the talents of a chef to interpret the recipe, adjust the proportions and spices, and turn it into an excellent meal.

We are here to help you leverage the Cybersecurity Framework (CSF) to baseline your current security program, identify gaps, prioritize security investments, and develop an actionable roadmap to improve your security maturity.

I hope these tips will help you create a “5 Star” security operation based on the NIST CSF. Are there any other tips I missed? Let me know in the comments below.

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today