Appalachia Technologies Blog


What is the NIST Cybersecurity Framework? (appTECH TALK Ep. 1)

Secure your Organization with the NIST Blueprint

Breaches are at an all-time high.  Over 50 billion devices are connected to the internet.  Some of them are secure, and some of them are not.  Which category does your organization fall into?

Many organizations wonder where to start when they are looking at strengthening their security posture.  Fortunately, the wheel does not need to be reinvented.  Much traction and return on investment can be gained by simply aligning an organization’s security program with the NIST standard.

NIST (National Institute of Standards and Technology) is the de facto standard when it comes to security organizations.  It provides a solid framework that outlines security in five categories.  Comparing an organization’s alignment with the NIST standards will give you a solid measurement of how your security program lines up.

Let’s jump into the five NIST Cyber Security Framework categories: Identify, Protect, Detect, Respond, and Recover.

IDENTIFY

Organizations must be able to understand their own environment before they can protect it.  Many times, the organization is not aware of all of the digital assets it owns.  As an example, all digital assets, including workstations, servers, wireless devices, laptops, printers, network battery backups, and others, need to be well-documented on a spreadsheet.  The spreadsheet should be updated regularly.  It is impossible to protect assets if there is not a fully updated list.  This is just one example of the “Identify” category.

PROTECT

Organizations must develop controls and safeguards around their systems in order to protect them.  For example, this may include items such as a System Hardening Standard.  A system hardening standard ensures that proper procedures are followed in order to protect a system before it goes online.  An example is making sure that default usernames and passwords aren’t being used on the system.  Other examples are making sure that unnecessary services are disabled and that patching is up to date.  These are just some small examples of controls used to “Protect” systems.

DETECT

Now that we have our systems protected, we must also have controls in place to detect malicious events.  For example, controls need to be put in place to monitor for anomalies.  An anomaly is something that is “not normal” on a system or network.  A heavy amount of network traffic at 3am when there is no staff in the office could be deemed an anomaly.  Other controls such as FIM (File Integrity Monitoring) could also be put in place to ensure that improper changes are not happening to system files.  If such an event were to happen, an alert would be triggered.  These are ways to “Detect” malicious activity as it is happening.

RESPOND

An organization is protecting its assets.  Malicious events are being detected and triggering alerts - so how does it respond?  This is where an Incident Response Policy comes into play.  When an incident occurs, what is the documented process that must occur to ensure minimal impact?  What personnel are responsible for what tasks?  If proper table-top exercises are performed regularly, an organization will be ready to respond when the real thing happens.  The NIST “Respond” category outlines all of the proper controls an organization should have in place to ensure that there is minimal impact when an incident occurs.

RECOVER

Imagine that a breach has occurred.  The team has successfully walked through the Incident Response Plan to ensure minimal impact.  Although the plan was successful, there was still an impact to the organization.  The “Recover” category covers how a company can make sure that proper backups are in place and that digital assets can be restored in a timely manner.  Recovering from an incident also involves conversations around lessons learned and strategizing ways to tighten up the security posture and business processes so that next time the impact will be smaller with faster recovery.

The NIST Cybersecurity Framework is a solid foundation and blueprint for an organization to protect their digital assets, reputation, and business continuity.  If you would like a deeper dive into the NIST controls, contact us at or 888-277-8320.


 

Mike Miller

Mike Miller is a cybersecurity professional with 25 years of experience through the IT industry.  He has focused on security, specializing in the areas of Virtual Chief Information Security Officer services, Governance, Risk, and Compliance, PCI, SOC, Intrusion Detection, Penetration Testing, and Incident Response.  In 2011, Mike founded Cyber Protection Group, which was acquired by Appalachia in 2022.  Mike is passionate about mentoring and assisting aspiring cybersecurity professionals and can be found regularly sharing insight on his LinkedIn profile.  When he isn’t fighting cyber crime, Mike loves spending time with his wife and kids, often boating in the Ozarks.

Thursday, May 19, 2022
