National Cyber Security Awareness Month (NCSAM) came to an end this week, and although the campaign is only one-month long, we can’t stress enough the importance of cybersecurity awareness as a year-round practice. Over the past few weeks, we've talked about the new norm in cybersecurity, the importance of adopting an analytics-driven security platform, and what's currently top of mind for CISOs. Last week, we highlighted the security challenges facing the healthcare industry; and closing out this week, we’re shining the spotlight on the security challenges in the public sector.
On May 11, 2017, the presidential executive order on strengthening cybersecurity of federal networks and critical infrastructure was issued. The order explicitly mandates that federal agencies should implement the Cybersecurity Framework (CSF) from NIST to manage agency’s cybersecurity risk. The order goes further to say that the agency’s leaders (or their designates) will be held responsible for implementing these measures and they should be aligned with its strategic, operational and budgetary planning processes.
What is the Cybersecurity Framework?
The CSF is one of many publications from NIST with the express intent of providing guidance to enhance cyber hygiene and posture, developed in collaboration between industry and government. It offers a set of optional standards, best practices, and recommendations for improving cybersecurity at the organizational level. The framework offers a single cohesive strategy and aims to standardize security practices to ensure uniform protection of all US cyber assets, not just in government but any industry critical to the country’s economy and citizen’s quality of life.
The core premise of the CSF is risk management. Risk management is a methodology wherein organizations decide on their risk tolerance and select and implement the appropriate security measures to protect their assets. To ensure that the organization stays at or below the chosen level of risk, implemented measures need to be continuously monitored in real time so any deviance can be addressed quickly.
Since many organizations inherently are dispersed, demonstrating compliance can be challenging given the tedious data collection requirements, disparate and heterogeneous technologies strewn across agencies, a lack of real-time visibility into systems and an inability to customize and scale to organizational needs. For effective risk management, information sharing and collaboration are critical to creating end-to-end views so leadership can observe what is transpiring across the agency’s systems, determine any deviations or non-compliance and take necessary action quickly.
This is where Splunk has proven to help organizations effectively. Splunk provides cost-effective, integrated yet customizable solutions that can provide the visibility to help assess your current state, continuously monitor events and metrics, and deliver real-time visualizations and dashboards across the organization for fast and informed decision making to manage risk effectively. Splunk extends self-reporting capabilities to make audits easier.
A common misconception is that any NIST guidance including the CSF is only for the government sector given the source. But if you really look at it, CSF is about cyber hygiene—a framework that helps you get your house in order so you can be well-prepared to combat threats and not fall prey because of exposed weak links. Preparedness goes a long way and is fundamental for a solid defense strategy. No organization is immune to cyberattacks and the CSF should be part of your consideration.
Listen to NIST Fellow Dr. Ron Ross on his thoughts on the need for a risk-based cybersecurity strategy in the video above, and read about how Splunk can help in our "Splunk and the Cybersecurity Framework" tech brief.
Until next time,