8 years ago in March 2013 I covered NIST’s definition of Cloud Computing :
Now after a while it’s time for NIST’s Cybersecurity Framework. They have done a very good job again with this one. One of the best documents out there to manage your organizations cybersecurity is definitely the NIST framework. It covers the breadth and depth of the requirements from cybersecurity teams.
This is the excel link: https://www.nist.gov/document/2018-04-16frameworkv11core1xlsx
With 108 Titles it seems daunting but trust me its very intuitive. It has been divided into simple and intuitive sections. These are easily understood by anyone who has worked in networks and systems and large to medium scale orgs which practice these.
Identify – Protect – Detect – Respond – Recover
The details are below:
Once you grab this it is easier to understand all the sections of the framework. To implement this in any organization it is necessary to spend time and effort on each of them and carry out the exercise required for each category and sub category.
This is important and not practicing the correct methodology could cause an incident in the organization and would either leak data or cause damage otherwise.