Security frameworks provide a systematic methodology and a language framework for the management of cybersecurity risks. The creation of a security framework profiles give organizations the ability to identify area where of existing processes may be implemented or strengthened. An indication of whether a company takes security awareness serious or not can be shown through the budget of that company. Security awareness measures shown could be whether the company prioritizes on, and how the company measure other ways of funds collection. This is a report on how NIST security framework help in the creation of my organizations security framework.
NIST System functioning
According to Information Systems Audit and Control Association (2014), NIST is a cybersecurity framework that is designed for organizations and individual businesses to assess the risks that they may encounter. The network has three parts namely: tier, profile, and core. The core contains an array of activities, references, and frameworks about cybersecurity approaches and aspects. On the other hand, the framework profile presets the list of outcomes that organizations have to choose from categories and subcategories with reference to its risk and needs assessment. On the other hand, the profile framework implementation tiers enables the organizations to clarify itself and its partners on its perception on cybersecurity risks and the level of sophistication in of the management approach. Typically, organizations start with NIST framework in the development of their current framework which describe cybersecurity activities and the results of its achievement (United States, 2017). Moreover, NIST helps organizations to develop its profile specifically to fit its industry infrastructure or type of organization and defines the steps from current profile to target profile.
Network security framework for my organization includes risks and potential security threats, enhancement of network performance, limited access to sensitive information, and denied unauthorized access. Protecting network in all its entry points, reliable passwords, as well as the use of advanced devices and antivirus software for network security. Some of the network security devices include, active, passive devices, Unified Threat Management (UTM) devices, and preventive devices.
From the organization’s security framework, NIST cybersecurity framework played a critical role in the development and implementation of the security system in the organization. First, the NIST framework complemented the organizations security framework and its management of risks by providing more secure firewalls. Also, the system through its profile framework enabled the organization to develop a security framework that fits its industry specifications. As a result, the organization’s security framework is tailored to fight specific risks associated with the IT industry by ensuring the risks that are associated with PC and phone usage are minimized.
Moreover, through the tier framework, NIST enabled the organization to develop a security system that is appropriate for its cybersecurity program. Tiers components of NIST assisted the organization by providing it with a context on how it can view its security management system. As a result, the organizations levered the tiers to discuss it budget, risk appetite, and mission priority. Lastly, through the profile frameworks, the organization was able to identify the ways through which it could improve or strengthen its access control to the database. Besides, the profiles improved communication throughout the organization after it was paired with an easy to understand language. As a result, communication between stakeholders improved thus eradicating the risks and errors that were associated with communication lapse in the organization.
NIST provides organizations with security frameworks that enables them improve their security system and create security awareness. Security awareness is just but one way of creating a protection plan that is viable. Other avenues may include creation of security policies, assessing the vulnerabilities of the company, security technology investment among others. However, all these are not remotely helpful if the employees form easy targets in fishing the attacks thus security awareness is most important.
Al-Shaer, E., & SpringerLink (Online service). (2014). Automated Firewall Analytics: Design, Configuration and Optimization. (Springer eBooks.) Cham: Springer International Publishing.
Information Systems Audit and Control Association. (2014). Implementing the NIST: Cybersecurity framework.United States. (2017). NIST Cybersecurity Framework, Assessment, and Auditing Act of 2017: Report together with minority views (to accompany H.R. 1224) (including cost estimate of the Congressional Budget Office).
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more