Identify - The first step in the NIST Cybersecurity Framework

Do you know where your company stands when it comes to (cyber) security? Gaining insight into this is essential. In other words: identify what you have, what you need to protect and where the risks lie. Within the NIST Cybersecurity Framework, this brings us to the topic of 'identify'.

Posted on 26-10-2021 / 2024

We provided an introduction to the NIST Cybersecurity Framework in an earlier article. In this article, we take you further around the circle, to the topic of identify.

THE FUNDAMENT

Identify is the first step of the NIST Cybersecurity Framework and forms the foundation of the model. In it you identify your organisational environment, the resources that support critical functions and where the associated cybersecurity risks lie. Once this is clear, you have an overall picture of your environment, can create focus and can prioritise efforts, all in accordance with the risk management strategy and organisational requirements established for that purpose. To achieve this overall picture, take the following five steps:

1. Asset management: research and describe what you have;

2. Business environment: research and describe the environment in which each asset operates;

3. Governance: research and describe which policies and regulations each asset must comply with;

4. Risk assessment: research and describe how you assess and interpret risk;

5. Risk management strategy: describe how you deal with the risks found.

The figure below visually shows where these components recur at the identify stage.

[Figure 1: the five components of the identify stage in the NIST Cybersecurity Framework circle]
You start with the assets and determine which of them are critical within a business environment, or within your organisational (Cloud) environment. From outside your environment, you also have to deal with certain regulations. These are examined and described in the governance section, which reflects the policies and regulations you have to comply with as an organisation. Across this set of assets, business environment and governance, you perform a risk assessment. This gives you a clear understanding of the risks your organisation faces. You then draw up a risk management strategy, which determines how you deal with these risks. This results in measures that you carry into the protect phase, the next step in the NIST Cybersecurity Framework.

(STAYING) IN MOTION

Identify is not a step you perform only once. The NIST Cybersecurity Framework is a circle for a reason. Due to continuous developments, both within your organisation and beyond, your organisational (Cloud) environment is constantly changing. An employee may open a network port (to connect temporarily), or a software version may turn out to be vulnerable and to have been widely abused since this morning. So, if you want to (continue to) know where the risks are, it is essential to keep the data gathered in the identify phase up to date.

MONITORING

Your data is only as current as the moment you performed the analysis. You will need to continuously monitor the state of your Cloud environment and organisation. Of course, you cannot keep watching your environment yourself around the clock. Automated monitoring can help, for example with Fundaments' Vulnerability management solution. This gives you simple, periodic and clear insight into the status of your environment, so you are not faced with unpleasant surprises. Want to know more about Vulnerability management or the Identify phase? Then contact us by calling 088 4 227 227 or emailing info@fundaments.nl.
