Implementing a successful cybersecurity framework

In our last blog we talked about how involved your board is when it comes to cybersecurity. If things have progressed and you’re now in the throes of structuring a cybersecurity strategy further, it might help to start with a standard framework on which to base your planning.

One such framework is the NIST Cybersecurity Framework, developed by the U.S. National Institute of Standards and Technology (NIST). We think it provides a good structure for working through the important aspects of cybersecurity.

The NIST framework has 5 areas: identify, protect, detect, respond, and recover. Companies with a strong cybersecurity culture have plans around each key area and have shared those plans business-wide. Here’s an overview of what each area might cover:

  • Identify – Understand the risk to systems, assets, data, and capabilities, e.g. Asset Management; Business Environment; Governance; Risk Assessment; and Risk Management Strategy.
  • Protect – The ability to limit or contain the impact of a potential cybersecurity event, e.g. Access Control; Awareness and Training; Data Security; Information Protection Processes and Procedures; and Protective Technology.
  • Detect – Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event, e.g. Anomalies and Events; Continuous Monitoring; and Detection Processes.
  • Respond – Develop and implement the appropriate activities to take action regarding a detected cybersecurity event, e.g. Response Planning; Communications; Analysis; Mitigation; and Improvements.
  • Recover – Reduce the impact from a cybersecurity event, e.g. Recovery Planning; Improvements; and Communications.

Torsion, the automated data access platform, embeds itself throughout the NIST framework. Asset management, governance, risk management, access control, data security, protective technology, detection, continuous monitoring and mitigation are just some of the steps supported by Torsion. You can find out more about how Torsion plays a core role within an effective cybersecurity framework here.