- Cyber Security Services
- Compliance Services
- IT Risk and Audit Services
- Contact Us
For the second part of our series on the NIST Cybersecurity Framework, we are going to be discussing the Protect function. Last time we discussed the Identify function which talked about the need to really understand your critical infrastructure, your systems, and the risks associated with those systems so you can move to the next step in the framework, to protect your critical infrastructure. As you can probably see, the functions of the framework build on each other in a logical order. In the first post in this series, I compared the framework to building a house. If the Identify function is the foundation, then the Protect function would be the framing of the outside of your house. You can’t build walls without a firm foundation!
According to NIST, the goal of the Protect function is to “Develop and implement the appropriate safeguards to ensure the delivery of critical infrastructure services.” Just like in the Identify function, the Protect function is broken down into 6 different categories, which we will dive into in a little more depth in a moment. These 6 categories are then broken down further into subcategories, however, since this is a high-level overview of the framework, we are going to stick to just the categories contained within the Protect function:
We are building each week the various parts of our cybersecurity “house” in accordance with the NIST Cybersecurity Framework and the Protect function is the next step in the building process, the walls and roof of the house. One thing that is consistent, and will continue to be consistent and obvious over the next functions is the critical importance of Information Security Policies and Procedures. While one of the categories mentioned above talks specifically about these policies and procedures, most of the other categories referenced having these policies and procedures implemented. Are creating and implementing policies and procedures fun? No, no they are not. But they are a critical necessity and the good news is that we have an ebook that will give you a great place to start. To download a copy, click on the image below. Next week we will move on to the 3rd function of the framework, the Detect function! Till then, stay safe!