We use a 5-step process based on the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework that helps our customers reduce their cybersecurity risk. NIST’s Cybersecurity Framework was introduced in 2014 and is designed to “assist organizations to better understand and improve their management of cybersecurity risk”.
This is the way in which we apply the framework with our clients:
A fundamental starting point is to identify every IT asset (networks, devices, users, applications, data and policies) being used by the company. It’s also important to review cybersecurity-related policies and inventory the locations where sensitive data is stored.
Once you know what needs to be protected, you should implement appropriate technical strategies to protect the assets from potential threats. We automate patching and create reports that generate alerts to identify the systems and applications that have not been updated. It’s also important to make sure that your staff is well trained on cybersecurity to create what we refer to as a “Human Firewall”.
To detect threats, we rely on tools that monitor security logs on individual computers and network devices. We configure these tools to send alerts when they detect abnormal activity.
Once an event has been discovered, your team must know what to do. The response will largely depend on the threat detected. The most important part of this step is to ensure that all of the appropriate resources are engaged as quickly as possible, and that they fully understand their responsibilities.
The final step is to return to normal operations. As part of the recovery process, the breach log entries must be finalized and affected parties notified.