The 5 pillars of the NIST Cyber Security Framework
The 5 pillars of the NIST Cyber Security Framework
May 25, 2021
To work effectively and purposefully with IT security, the NIST Cyber Security Framework (CSF) is often used. NIST stands for National Institute of Standards and Technology and has developed various frameworks for working with IT security. These are the five pillars of NIST CSF; identify, protect, detect, respond, and recover.
Identify
If you do not have an overview of your devices, you cannot implement measures to protect them.
For example: It becomes known that "Printer 123" has a vulnerability affecting IT security. Then it is important to know whether you have such a printer or not! This applies not only to devices but also to software.
The first pillar of NIST is therefore to "identify". This involves identifying problems and vulnerabilities by mapping the environment. This is a complete overview of users, devices, and systems for all employees and suppliers. The overview is compiled along with a comprehensive risk assessment of IT security.
Protect
Always prepared, they say in scouting. We sometimes say this in Procano as well. Always be prepared for new threats and continuously work to keep the threat landscape low.
Pillar number two is about "protecting" against potential threats. This involves proactive work to protect users, devices, and systems. This is done with continuous improvements, training, good onboarding, maintenance, and systematic processes.Detect
The third pillar of the NIST CSF is about detecting intrusions, abnormal activities, and potentially harmful activities on the network. To do this, all processes must be logged and regular monitoring of all services and processes must occur. In this way, abnormal activity can be detected, both through AI tools and manual checks.
Respond
When unnatural activity occurs, it’s about responding – quickly! It’s essential to plan well in advance; management can see what is stated in the IT policy, and employees can refer to the IT instructions.
To respond effectively, you should have a plan that can answer the following:What should an employee do when something strange happens on the PC?
Who should the employees notify?
What should happen to the PC in the meantime?
What routines should the IT manager follow?
For larger companies, one should also find answers to: Who handles the media, should it be reported to authorities, and should all computers be cleaned immediately? (hint: no).Recover
After a breach of IT security, it is necessary to restore normal operations as quickly as possible. It can cost the company a lot of money not to have good routines in place, so it is important that all parties involved are aware of the internal guidelines for IT security.
When restoring the company's IT environment, it’s all about BACKUP! The fifth pillar concerns documenting procedures for backup, testing of backup, and recovery of it. The procedures should provide reasonable and understandable answers to questions such as; which systems are critical for our company, and if I have multiple servers – how should I prioritize during data recovery?
Wondering how to proceed to establish good routines for IT security?
Contact us here for a pleasant security chat!
To work effectively and purposefully with IT security, the NIST Cyber Security Framework (CSF) is often used. NIST stands for National Institute of Standards and Technology and has developed various frameworks for working with IT security. These are the five pillars of NIST CSF; identify, protect, detect, respond, and recover.
Identify
If you do not have an overview of your devices, you cannot implement measures to protect them.
For example: It becomes known that "Printer 123" has a vulnerability affecting IT security. Then it is important to know whether you have such a printer or not! This applies not only to devices but also to software.
The first pillar of NIST is therefore to "identify". This involves identifying problems and vulnerabilities by mapping the environment. This is a complete overview of users, devices, and systems for all employees and suppliers. The overview is compiled along with a comprehensive risk assessment of IT security.
Protect
Always prepared, they say in scouting. We sometimes say this in Procano as well. Always be prepared for new threats and continuously work to keep the threat landscape low.
Pillar number two is about "protecting" against potential threats. This involves proactive work to protect users, devices, and systems. This is done with continuous improvements, training, good onboarding, maintenance, and systematic processes.Detect
The third pillar of the NIST CSF is about detecting intrusions, abnormal activities, and potentially harmful activities on the network. To do this, all processes must be logged and regular monitoring of all services and processes must occur. In this way, abnormal activity can be detected, both through AI tools and manual checks.
Respond
When unnatural activity occurs, it’s about responding – quickly! It’s essential to plan well in advance; management can see what is stated in the IT policy, and employees can refer to the IT instructions.
To respond effectively, you should have a plan that can answer the following:What should an employee do when something strange happens on the PC?
Who should the employees notify?
What should happen to the PC in the meantime?
What routines should the IT manager follow?
For larger companies, one should also find answers to: Who handles the media, should it be reported to authorities, and should all computers be cleaned immediately? (hint: no).Recover
After a breach of IT security, it is necessary to restore normal operations as quickly as possible. It can cost the company a lot of money not to have good routines in place, so it is important that all parties involved are aware of the internal guidelines for IT security.
When restoring the company's IT environment, it’s all about BACKUP! The fifth pillar concerns documenting procedures for backup, testing of backup, and recovery of it. The procedures should provide reasonable and understandable answers to questions such as; which systems are critical for our company, and if I have multiple servers – how should I prioritize during data recovery?
Wondering how to proceed to establish good routines for IT security?
Contact us here for a pleasant security chat!
To work effectively and purposefully with IT security, the NIST Cyber Security Framework (CSF) is often used. NIST stands for National Institute of Standards and Technology and has developed various frameworks for working with IT security. These are the five pillars of NIST CSF; identify, protect, detect, respond, and recover.
Identify
If you do not have an overview of your devices, you cannot implement measures to protect them.
For example: It becomes known that "Printer 123" has a vulnerability affecting IT security. Then it is important to know whether you have such a printer or not! This applies not only to devices but also to software.
The first pillar of NIST is therefore to "identify". This involves identifying problems and vulnerabilities by mapping the environment. This is a complete overview of users, devices, and systems for all employees and suppliers. The overview is compiled along with a comprehensive risk assessment of IT security.
Protect
Always prepared, they say in scouting. We sometimes say this in Procano as well. Always be prepared for new threats and continuously work to keep the threat landscape low.
Pillar number two is about "protecting" against potential threats. This involves proactive work to protect users, devices, and systems. This is done with continuous improvements, training, good onboarding, maintenance, and systematic processes.Detect
The third pillar of the NIST CSF is about detecting intrusions, abnormal activities, and potentially harmful activities on the network. To do this, all processes must be logged and regular monitoring of all services and processes must occur. In this way, abnormal activity can be detected, both through AI tools and manual checks.
Respond
When unnatural activity occurs, it’s about responding – quickly! It’s essential to plan well in advance; management can see what is stated in the IT policy, and employees can refer to the IT instructions.
To respond effectively, you should have a plan that can answer the following:What should an employee do when something strange happens on the PC?
Who should the employees notify?
What should happen to the PC in the meantime?
What routines should the IT manager follow?
For larger companies, one should also find answers to: Who handles the media, should it be reported to authorities, and should all computers be cleaned immediately? (hint: no).Recover
After a breach of IT security, it is necessary to restore normal operations as quickly as possible. It can cost the company a lot of money not to have good routines in place, so it is important that all parties involved are aware of the internal guidelines for IT security.
When restoring the company's IT environment, it’s all about BACKUP! The fifth pillar concerns documenting procedures for backup, testing of backup, and recovery of it. The procedures should provide reasonable and understandable answers to questions such as; which systems are critical for our company, and if I have multiple servers – how should I prioritize during data recovery?
Wondering how to proceed to establish good routines for IT security?
Contact us here for a pleasant security chat!
This page is translated using AI
Give feedback
Recent posts
Get started
Get a free review of your IT environment from one of our experts
Get started
Get a free review of your IT environment from one of our experts
Get started
Get a free review of your IT environment from one of our experts