The current state of cybersecurity is a global issue that requires an equal amount of due diligence regardless of the industry your organization is part of. To make for a consistent approach when applying best security practices across the enterprise environment, the NIST (National Institute of Standards and Technology), has posted the five pillars for building a robust cybersecurity framework.
Each of these five pillars, or functions, provides the foundation for building a successful and holistic cybersecurity program in your enterprise.
The identify function is used to help organizations develop and understand their cybersecurity risk when evaluation their business systems and networks. This initial step builds a foundation for deploying effective policies on how to protect both physical and digital business assets adequately.
The protect function is the action stage of cybersecurity planning and supports the organization's ability to limit or contain the impact of cybersecurity events. This involves protecting assets through the use of IAM (Identity and Access Management) solutions, database security technologies, staff training, and other safeguards that ensure the delivery of critical infrastructure services.
The detect function ensures the timely discovery of cybersecurity incidents so they can be responded to. This includes recognizing anomalies or events in system and networks as they happen and verifying the effectiveness of protective measures used to respond to these activities.
The response function is a critical pillar and refers to all appropriate activities needed when taking action against detected cybersecurity incidents. This is an essential component when containing potentially devastating attacks as they are discovered. This includes managing communications during and after events with appropriate incident response teams, stakeholders, and law enforcement while driving the analysis, mitigation activities, and technologies necessary to resolve the issues.
The recover function outlines all activities necessary to restore any capabilities or services in the event of a catastrophic event or large-scale business disruption. This includes implementing recovery planning processes, training procedures, and teams that will drive recovery efforts and implement improvements based on lessons learned from new events and recovery initiatives.