Security Framework Application

To begin with, an information security framework is a series of agreed, documented and understood procedures, processes, and policies that explain how information is managed in a business to lower the risk and vulnerability and increase confidence in an environment that is always connected (Keller, 2017). This essay will look into the control frameworks and more specifically, the NIST 800-53 cybersecurity framework. This framework has been implemented by the company which I represent, and it was established in the firm’s security architecture design (Pohl, 2017). This framework was chosen because it was able to develop essential controls and necessary processes for cybersecurity. 

There are certain risks that the company could not be able to contemplate due to the vital data that the company owned at the time and even today. The access to this data by unauthorized persons could end up being a disaster even worse than that of Target data breach that occurred in 2013 (Barrett, 2018). The NIST 800-53 was the best security measure that could be established to avoid having this type of scenario that could expose sensitive data, cause financial losses, damage the company’s reputation and damage the company’s market position (Barrett, 2018). 

Don't use plagiarized sources. Get Your Custom Essay on
Security Framework Application
Just from $13/Page
Order Essay

The implementation of this framework was done voluntarily, and it is based on well-known practices and standards. The reason why this framework was put into consideration is that it represents the best current practices in the world of cybersecurity. The implementation process is done through a tiered process or in other words maturity levels from partial to adaptive (Sumathi, 2018). There are about four tiers or maturity levels in the NIST framework, but they are referred to like tools that are used for internal communication (McKnight, 2017). This communication occurs between cybersecurity risk management and operational risk management. In this implementation process, the higher the tier, the higher the degree of sophistication and the maturity in how the cybersecurity responses and risks are managed (McKnight, 2017).

There are specific criticisms that have been highlighted, and they are mostly user-related rather than the infrastructural integrity of the system. The top management has been vocal in indicating how the order has been complicated and that it has led the senior persons in the company to ask the wrong questions concerning the actuarial risks rather than the system’s capabilities to prevent potential attackers (Barrett, 2018). They are not able to learn how it works, and this could lead to a problem because it becomes esoteric and exclusive to the IT department. 

The best way in which this issue could be addressed is by having persons being trained to understand how the system works. This is because once certain information has been placed in the hands of an employee working in this department, it could lead to vulnerability (Pohl, 2017). They can end up manipulating the system without the knowledge of the top brass. There should be a hands-on approach in the way the system is monitored and used. This will ensure that a single person is unable to go out of their way into ruining the company’s reputation by causing sabotage out of spite (Keller, 2017). Therefore, it is highly advised that the top and senior management be able to familiarise themselves with the system as soon as possible to get an in-depth understanding of its functionality, implementation processes and procedures (McKnight, 2017)s. 

Conclusion

The NIST system is highly recommended, and many agencies and institutions have used it. However, the politics surrounding the framework could see other better cybersecurity frameworks being developed. This may be done because the NIST framework is government based and it could be subjected to tampering by agencies such as the NSA.

References

Barrett, M. P. (2018). Framework for improving critical infrastructure cybersecurity. National Institute of Standards and Technology, Gaithersburg, MD, USA, Tech. Rep.

Keller, N (2017). “Cybersecurity Framework Draft Version 1.1”. NIST. Retrieved October 5, 2017.

McKnight, J. (2017). The Evolution of Ransomware and Breadth of its Economic Impact (Doctoral dissertation, Utica College).

Pohl, F., & Schotten, H. D. (2017). Secure and scalable remote access tunnels for the IIoT: an assessment of OpenVPN and IPsec performance. In European Conference on Service-Oriented and Cloud Computing (pp. 83-90). Springer, Cham.Sumathi, K., & Damodaram, R. (2018). Survey and analysis of phishing detection techniques. International Journal of Advanced Research in Computer Science, 9(1).

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more
Live Chat+1(978) 822-0999EmailWhatsApp

Order your essay today and save 20% with the discount code LEMONADE