How the NIST Cybersecurity Framework Maps to Cyber Attacks

Prior to 2014, if you wanted a workable cybersecurity framework, you either made one up yourself or purchased a proprietary one offered by various companies.

But the NIST Cybersecurity Framework changed all of that.

And one of the framework’s biggest advocates is CISO Larry Wilson of the President’s Office at the University of Massachusetts. He feels so strongly about the advantages of the NIST Cybersecurity Framework core that he teaches InfoSec students across the country at regional security conferences.

“It’s a public framework, it’s designed to be collaborative," Wilson says. "It’s all about sharing how you are approaching cybersecurity with your peers, so together you can collectively do a better job.”

5 benefits of the NIST Cybersecurity Framework

If you’re thinking about implementing NIST as your organization’s security framework, here are some advantages according to Wilson. It’s why he says you should design and build your security program around NIST.

NIST security framework core maps to an attack in many ways:

1. NIST core function-Identify: Maps to your posture before an attack.Things like supply chain, asset management, risk assessment, and others.
2. NIST core function-Protect: Maps to your posture before an attack. Things like access control, awareness and training, proactively technology, and others.
3. NIST core function-Detect: Maps to your capabilities during an attack. Things like anomalies and events, detection processes, and continuous monitoring.
4. NIST core function-Respond: Maps to responding (of course) to an attack. Things like response planning, communication, mitigation, and others.
5. NIST core function-Recover: Maps to recovering from an attack. Things like recovery planning, improvements, and communication.

Wilson says the framework enables organizations—regardless of size, degree of cybersecurity risk, or cybersecurity sophistication—to apply the principles and best practices of risk management in order to improve the security and resilience of the business.

And it is a security framework that continues to be refreshed. See NIST Framework update on IoT and NextGen Systems for an example.

Want training on NIST? Find Larry Wilson’s NIST Cybersecurity Framework training at a fall 2018 SecureWorld conference, or take CISO Alex Wood’s online SecureWorld PLUS NIST course, which can be watched on-demand here until the end of 2018.