This entry is the first of what will be many posts on our upcoming book, Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework. It serves as the background on what the book is and how it can help all government and private sector organizations fend off cyber threats better and more quickly remediate the damage of hacks, breaches, or attacks when they do occur.
Defending your organization’s network and assets is all about managing risks, not eliminating them. It’s a virtual certainty that your organization will face, at a minimum, frequent and annoying low-level digital threats that can mushroom into unmanageable problems if ignored. In the worst-case scenarios, destructive attacks can temporarily or permanently shut down operations and damage reputations.
Cybersecurity risk management reached its apex in the creation of the National Institute of Standards and Technology (NIST) Framework for Improving Cybersecurity of Critical Infrastructure, first released in 2014 and revised and augmented since then. Our book provides a user-friendly explanation of what the Framework is and, more importantly, how to apply it, which organizations tell us has been one of the biggest stumbling blocks they face in using the Framework to shore up their own digital defense and incident response capabilities.
Using real-world scenarios and expert insight from leaders in the field, our book will provide readers with:
- The fundamentals of cyber risk planning and management;
- Clear and easily grasped overviews of user and network infrastructure planning and management;
- The tools and techniques for detecting cyberattacks; and
- Succinct explanations on how to develop a continuity of operations plan to recover quickly in the aftermath of a cyberattack.
Using the NIST Framework as our guide, we will explain:
- The central principles of cybersecurity risk management and the steps necessary to manage digital risk to systems, assets, data, and capabilities;
- The tools that can improve an organization’s network infrastructure protection such as asset access control, awareness and training, data security, protection policies, maintenance procedures, and automated protection processes;
- The challenges in detecting a cyberattack, the necessary steps in detecting a cyberattack, the importance of continuous security monitoring, and the importance of requirement compliance, testing, and communication of detection processes; and
- The fundamental concepts and practical steps to take in responding to and recovering from a cybersecurity incident.
As massive threats exemplified by the hack of software provider SolarWinds’ Orion product underscore, the need for better cybersecurity risk management is growing by many magnitudes year over year. And yet, many organizations are at a loss on how to use the fundamental cybersecurity techniques to position themselves to be more secure and responsive.
Our book will make it easier for government and private sector organizations to be prepared to handle what’s coming. Both cybersecurity and non-security professionals alike will be able to grasp the concepts and practical applications of the elements of risk management covered in our book. It will provide a useful tool for communicating with management, regulators, and investors.