What is the NIST Framework?
The NIST Cybersecurity Framework (CSF), often just called the "NIST framework", is a set of cybersecurity guidelines and outcomes published by the National Institute of Standards and Technology (NIST), a non-regulatory agency of the U.S. Department of Commerce. NIST's mission is to promote innovation and technological advancement, and adoption of the CSF is voluntary for private-sector organizations (U.S. federal agencies have been directed to use it since 2017).
The framework is designed to help organizations understand, assess, prioritize, and communicate their cybersecurity risk, and to detect, respond to, and recover from incidents when they occur.
What are the Five Core Functions (Pillars) of the NIST Framework?
The CSF organizes its outcomes into core functions. Version 1.1 defines five; the CSF 2.0 update released in February 2024 added a sixth, Govern, which covers risk management strategy, roles, policy, and oversight. The five functions discussed here are:
- Identify. Understand what you are protecting and what threatens it: maintain a comprehensive inventory of hardware, software, data, and the personnel who handle sensitive information, map business-critical dependencies (including suppliers), and assess and prioritize risk. This function is the foundation the other four build on.
- Protect. Put safeguards in place to limit the impact of an incident: identity and access management with least-privilege permissions, patch and configuration management, endpoint protection, data encryption at rest and in transit, backups, and security awareness training for staff.
- Detect. Continuously monitor systems, networks, and user activity so that anomalies and security events are found quickly, for example alerting on logins from unexpected locations, access to data by accounts that should not have it, or changes to critical configuration.
- Respond. Have a tested incident response plan that defines who does what once an event is detected: how to contain and analyze the incident, how to communicate with customers, employees, regulators, and law enforcement, and how to keep the business running during the response.
- Recover. Restore affected systems and services, verify that they are secure before returning them to production, incorporate lessons learned into the plan, and keep communicating with customers and employees about what happened and what has been changed to prevent a recurrence.
What are the NIST Cybersecurity Framework Implementation Tiers?
The CSF defines four Implementation Tiers that describe how an organization manages cybersecurity risk, how far that practice is embedded across the organization, and how it engages with external parties. They are frequently referred to as "maturity levels", but NIST states explicitly that the tiers are not a maturity model and that moving to a higher tier is only encouraged where it reduces risk cost-effectively. An organization selects its own tier based on its risk management practice, not on a ranking against industry peers.
The tiers are as follows:
- Tier 1, Partial: Risk management is ad hoc and reactive. Some controls may exist (a firewall, antivirus, the beginnings of an asset inventory such as a CMDB), but there is no organization-wide awareness of cyber risk and little or no collaboration with outside parties.
- Tier 2, Risk Informed: Risk management practices are approved by management but may not be established as organization-wide policy. Risk is considered when prioritizing cybersecurity activities, and the organization is aware of its role in the wider ecosystem but engages with external partners only informally.
- Tier 3, Repeatable: Risk management practices are formally approved and expressed as policy, applied consistently across the organization, and updated regularly as business needs and the threat landscape change. The organization collaborates with external partners and suppliers on risk.
- Tier 4, Adaptive: The organization adapts its practices based on lessons learned and predictive indicators, treats cybersecurity risk as part of organizational culture and decision-making, continuously improves its program, and actively shares information with partners and its sector.