Reference Guide in Planning Organizations "Risk Assessment & Risk Management" using the cybersecurity framework.

fixitgearware/NIST-CYBERSECURITY-FRAMEWORK-V1.1

NIST-CYBERSECURITY-FRAMEWORK-V1.1

DISCLAIMER:

This repository is governed by the "MIT-LICENCE". You have permission to use, copy, modify, merge, publish, distribute, sublicense, or re-upload this content to any GitHub repository. However, we kindly ask that you give credit to "Fixitgearware Security". We strongly believe that you will abide by cybersecurity rules, ethics, and conduct. Copyright (c) 2023 FixitgearwareSecurity.

Published Date: 01-NOVEMBER-2023.

For any complaints or errors, email: report@fixitgearware.com

MIT LICENCE

Read the MIT-LICENCE

Reference Guide in Planning Organizations "Risk Assessment & Risk Management" using the cybersecurity framework.


The NIST Cybersecurity Framework (V1.1) originated from the United States of America's concern for its national and economic security, which relies heavily on the functioning of critical infrastructure.
To ensure the resilience and longevity of this infrastructure, Barack Obama, who was the President of the United States at the time, issued Executive Order (EO) 13636, titled “Improving Critical Infrastructure Cybersecurity”, on February 12th, 2013 (see the Executive Orders 13636 and 13691 Privacy and Civil Liberties Assessment Reports).

This executive order initiated the voluntary development of a Cybersecurity Framework. This framework offers a “prioritized, flexible, repeatable, performance-based, and cost-effective approach,” assisting organizations that use critical infrastructure services in managing cybersecurity risk.

Below is a brief summary of this framework's functions. For a detailed view of the various functions and their applications in planning your organization's risk assessment, please follow the corresponding GitHub repository link for each function.

| FUNCTION | ID | BRIEF EXPLANATION | CATEGORIES | RESOURCE URL |
| --- | --- | --- | --- | --- |
| IDENTIFY | ID | The NIST Cybersecurity Framework's "IDENTIFY" function plays a crucial role in comprehending an organization's cybersecurity risk management for its assets, which include personnel, systems, data, and functions.<br>This function provides a deep understanding of the organization's business environment and the risks involved. Consequently, it enables the organization to devise a well-structured action plan and prioritize its efforts in line with its risk management strategy and business requirements. | • Asset Management (ID.AM)<br>• Business Environment (ID.BE)<br>• Governance (ID.GV)<br>• Risk Assessment (ID.RA)<br>• Risk Management Strategy (ID.RM) | Website: Identify Function.<br>GitHub: Repository |
| PROTECT | PR | The "Protect" function of the NIST Cybersecurity Framework develops and implements relevant security measures to ensure the delivery and functionality of critical services (infrastructures).<br>This function involves the implementation of security controls with the primary goal of protecting classified and private information, as well as business-critical systems, thereby mitigating risks. By doing so, it contains the potential impact of a cybersecurity breach or attack. | • Access Control (PR.AC)<br>• Awareness & Training (PR.AT)<br>• Data Security (PR.DS)<br>• Information Protection, Processes, and Procedures (PR.IP)<br>• Maintenance (PR.MA)<br>• Protective Technology (PR.PT) | Website: Protect Function.<br>GitHub: Repository |
| DETECT | DE | The "Detect" function of the NIST Framework develops and implements suitable security measures and principles to spot any cybersecurity breaches or incidents.<br>Its main goal is to enable the organization to promptly detect any unusual activity on its systems or network and comprehend its potential impact. | • Anomalies and Events (DE.AE)<br>• Security Continuous Monitoring (DE.CM)<br>• Detection Processes (DE.DP) | Website: Detect Function.<br>GitHub: Repository |
| RESPOND | RS | The "Respond" function, a core feature of the NIST Cybersecurity Framework, guides the necessary steps to take when a cybersecurity incident is detected. The actions taken shape the response and determine the potential impact level of a cybersecurity incident. | • Response Planning (RS.RP)<br>• Communications (RS.CO)<br>• Analysis (RS.AN)<br>• Mitigations (RS.MI)<br>• Improvements (RS.IM) | Website: Respond Function.<br>GitHub: Repository |
| RECOVER | RC | The NIST Cybersecurity Framework's "Recover" function emphasizes the need to create and execute essential activities that maintain resilience and restore functions and services affected by a cybersecurity event.<br>This function should facilitate a swift return to regular business operations after cybersecurity incidents, minimizing the impact on the organization. It accentuates the need to address existing threats with practical solutions, rather than relying solely on defense. | • Recovery Planning (RC.RP)<br>• Improvements (RC.IM)<br>• Communications (RC.CO) | Website: Recover Function.<br>GitHub: Repository |
