Ebook Cybersecurity - ZIGURAT Institute of Technology
A good place to start

The NIST Cybersecurity Framework is qualitatively well organized in a structure that makes it easier for organizations to manage Cyber Risks as a Risk management discipline, rather than an IT problem. As compared to other frameworks, such as ISO, it is a good place to start, or migrate, to establish a baseline for your Cybersecurity program.

As with any generic Framework, there may be some key cybersecurity areas that are underrepresented. For instance, forensics and “log file management” could be improved. In this case the NIST CSF only recommends 30 retention. After a breach, we know that finding the vector of attack is paramount; however, some breaches are only discovered months after the initial attack.

Most companies have hybrid environments with more PaaS and SaaS, which delegate legal and operational responsibility to third parties.

Finally, the NIST CSF recommends implementing “Role-Based Access Control” (RBAC) for user and admin access management. As we move to hybrid cloud environments, a more modern Functional Access Control (FAC) methodology should be adapted. While RBAC is a good place to start, FAC is a more granular and secure access management approach.

But overall, this is a good starting point for cybersecurity because it provides a comprehensive and flexible framework for organizations to manage and mitigate cyber risks. It offers a common language, best practices, and guidelines that can be customized to fit the specific needs of any organization.

So stay safe!

Gonzalo Cuatrecasas
organization use it?

The NIST Cybersecurity Framework can help an organization begin or improve their cybersecurity program. Built off of practices that are known to be effective, it can help organizations improve their cybersecurity posture. It fosters communication among both internal and external stakeholders about cybersecurity, and for larger organizations, helps to better integrate and align cybersecurity risk management with broader enterprise risk management processes as described in the NISTIR 8286 series.

[Figure: Framework wheel showing the five functions: Identify, Protect, Detect, Respond, Recover]
1 IDENTIFY
DEVELOP AN ORGANIZATIONAL
UNDERSTANDING TO MANAGE
CYBERSECURITY RISK TO: SYSTEMS,
ASSETS, DATA, AND CAPABILITIES.
2 PROTECT
DEVELOP AND IMPLEMENT THE
APPROPRIATE SAFEGUARDS TO
ENSURE DELIVERY OF SERVICES.
Protect your devices – Consider installing host-based firewalls and other protections such as endpoint security products. Apply uniform configurations to devices and control changes to device configurations. Disable device

Train users – Regularly train and retrain all users to be sure that they are aware of enterprise cybersecurity policies and procedures and their specific roles and responsibilities as a condition of employment.
NIST Cybersecurity Framework: A Quick Start Guide
3 DETECT
DEVELOP AND IMPLEMENT THE
APPROPRIATE ACTIVITIES TO IDENTIFY
THE OCCURRENCE OF A
CYBERSECURITY EVENT.
Test and update detection processes – Develop and test processes and procedures for detecting unauthorized entities and actions on the networks and in the physical environment, including personnel activity. Staff should be aware of their roles and responsibilities for detection and related reporting both within your organization and to external governance and legal authorities.

Know the expected data flows for your enterprise – If you know what and how data is expected to be used for your enterprise, you are much more likely to notice when the unexpected happens – and unexpected is never a good thing when it comes to cybersecurity. Unexpected data flows might include customer information being exported from an internal database and exiting the network. If you have contracted work to a cloud or managed service provider, discuss with them how they track data flows and report, including unexpected events.

Maintain and monitor logs – Logs are crucial in order to identify anomalies in your enterprise’s computers and applications. These logs record events such as changes to systems or accounts as well as the initiation of communication channels. Consider using software tools that can aggregate these logs and look for patterns or anomalies from expected network behavior.

Understand the impact of cybersecurity events – If a cybersecurity event is detected, your enterprise should work quickly and thoroughly to understand the breadth and depth of the impact. Seek help. Communicating information on the event with appropriate stakeholders will help keep you in good stead in terms of partners, oversight bodies, and others (potentially including investors) and improve policies and processes.
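The two Detect practices above (know your expected data flows; aggregate logs and look for deviations) can be turned into a small, concrete check. The script below is an added example, not code from the NIST guide or the ZIGURAT ebook: it assumes a hypothetical baseline of allowed flows and hostnames, aggregates constructed connection-log lines, and flags the scenario the guide names, customer data leaving an internal database for an outside address.

```python
"""Added example: detect data flows that deviate from an expected-flow baseline.
Hostnames, networks and log format are constructed for illustration."""
import ipaddress
from collections import defaultdict

# Constructed baseline: each internal source and the destinations it may talk to.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
EXPECTED_FLOWS = {
    "db-customers": {"app-frontend", "backup-srv"},  # database serves only these
    "app-frontend": {"db-customers", "cdn.example"},
    "backup-srv": {"db-customers"},
}
# Hosts holding customer data; their traffic must never leave the network directly.
DATA_STORES = {"db-customers"}
# Per-window egress volume ceilings (bytes); pairs not listed use DEFAULT_MAX_BYTES.
MAX_BYTES = {("app-frontend", "cdn.example"): 50_000_000}
DEFAULT_MAX_BYTES = 100_000_000

# Constructed log lines: "<time> <src_host> <src_ip> -> <dst_host> <dst_ip> bytes=<n>"
SAMPLE_LOG = """\
2024-05-01T02:10:11 db-customers 10.0.1.20 -> app-frontend 10.0.2.5 bytes=120000
2024-05-01T02:12:40 app-frontend 10.0.2.5 -> cdn.example 203.0.113.9 bytes=40000
2024-05-01T02:15:03 db-customers 10.0.1.20 -> unknown 198.51.100.77 bytes=734003200
2024-05-01T02:16:00 backup-srv 10.0.3.9 -> db-customers 10.0.1.20 bytes=9000
"""

def parse(line):
    """Split one constructed log line into a dict with typed fields."""
    t, src, src_ip, _, dst, dst_ip, b = line.split()
    return {"time": t, "src": src, "src_ip": ipaddress.ip_address(src_ip),
            "dst": dst, "dst_ip": ipaddress.ip_address(dst_ip),
            "bytes": int(b.split("=", 1)[1])}

def find_anomalies(log_text):
    """Return (reason, src, dst) findings: unexpected peers, data-store egress
    to non-internal addresses, and aggregated volume above the baseline."""
    totals = defaultdict(int)
    findings = []
    for line in log_text.splitlines():
        ev = parse(line)
        totals[(ev["src"], ev["dst"])] += ev["bytes"]
        if ev["dst"] not in EXPECTED_FLOWS.get(ev["src"], set()):
            findings.append(("unexpected_destination", ev["src"], ev["dst"]))
        if ev["src"] in DATA_STORES and ev["dst_ip"] not in INTERNAL_NET:
            findings.append(("database_egress_to_internet", ev["src"], ev["dst"]))
    for (src, dst), total in totals.items():  # volume check after aggregation
        if total > MAX_BYTES.get((src, dst), DEFAULT_MAX_BYTES):
            findings.append(("volume_over_baseline", src, dst))
    return findings

if __name__ == "__main__":
    for finding in find_anomalies(SAMPLE_LOG):
        print(finding)
```

In practice the baseline would be generated from documented data flows and the log lines would come from a firewall or flow collector rather than a string literal.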
4 RESPOND
DEVELOP AND IMPLEMENT THE
APPROPRIATE ACTIVITIES TO TAKE
ACTION REGARDING A DETECTED
CYBERSECURITY EVENT.
Ensure response plans are updated – Testing the plan (and execution during an incident) inevitably will reveal needed improvements. Be sure to update response plans with lessons learned.

Ensure response plans are tested – It’s even more important to test response plans to make sure each person knows their responsibilities in executing the plan. The better prepared your organization is, the more effective the response is likely to be. This includes knowing any legal reporting requirements or required information sharing.

Coordinate with internal and external stakeholders – It’s important to make sure that your enterprise’s response plans and updates include all key stakeholders and external service providers. They can contribute to improvements in planning and execution.
5 RECOVER
DEVELOP AND IMPLEMENT THE
APPROPRIATE ACTIVITIES TO
MAINTAIN PLANS FOR RESILIENCE
AND TO RESTORE ANY CAPABILITIES
OR SERVICES THAT WERE IMPAIRED
DUE TO A CYBER-SECURITY EVENT.

Ensure recovery plans are updated – As with response plans, testing execution will improve employee and partner awareness and highlight areas for improvement. Be sure to update recovery plans with lessons learned.

Communicate with internal and external stakeholders – Part of recovery depends upon effective communication. Your recovery plans need to carefully account for what, how, and when information will be shared with various stakeholders so that all interested parties receive the information they need but no inappropriate information is shared.

Manage public relations and company reputation – One of the key aspects of recovery is managing the enterprise’s reputation. When developing a recovery plan, consider how you will manage public relations so that your information sharing is accurate, complete, and timely – and not reactionary.