- Contact Us
This is part 4 of our ongoing blog series on the NIST Cybersecurity Framework. To view our previous posts in this series, please see the links below:
After the countless hours and days that were put into identifying assets within the organization, researching and implementing ways to protect these assets and even going the extra mile by implementing detection mechanisms to alert us in the event of an incident, the stressful day has arrived, and now the fourth function will have to be initiated, which is Respond. The NIST Cybersecurity framework defines the Respond category as; "Develop and implement the appropriate activities to take action regarding a detected cybersecurity event." The Respond function is further broken down into five categories (outlined below) which identify specific areas that organizations should consider in their risk management analysis. Of the 98 subcategories within the NIST Cybersecurity framework, 15 are addressed within the Respond function.
Being able to efficiently and effectively respond to all cybersecurity events is important to all organizations, regardless of the information they are trying to protect. Having a well thought out Incident Response Plan (IRP), Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) will assist greatly in being able to analyze and mitigate the incident.
Some key components that should be identified in all the plans are:
If this blog peaked your interest and you can’t wait until the next installment, feel free to download a copy of the framework at the official website https://www.nist.gov/framework. In addition, you can watch a recording of our webinar from just last month on the recent updates to the NIST Cybersecurity Framework that were released in April of 2018. Click on the button below to watch the recording!