Cyber attacks have proven to affect the continuity of a business as well as compromising the internal and external data stored within an organisation - consequently, having a reputational and financial impact
This is my last blog in the recent series I have been writing about Protect part of the NIST cybersecurity framework. So far in In this series I have covered Access Control; Awareness and Training; Data Security; Information Protection Processes and Procedures. This concluding blog focuses on Protective Technology.
Thank you for reading my latest blog on NIST standards and the Protect function. In this blog I will look at how Data Security falls under the Protect function. User access control starts the ball rolling on this so it’s all about knowing what the criticality and sensitivity of your data is. Assess your data’s criticality to the business. Know what you data assets are.
In my last blog I examined the NIST Framework Protect function and what that means for organisations, their IT teams, Chief Risk Officers and the C-suite. In this week’s blog I examine how Awareness and training form a major pillar of the Protect function.
In this series of blogs I will examine the Protect function and what that means for organisations, their IT teams, Chief Risk Officers and the C-suite. It is important to develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services. The Protect Function supports the ability to limit or contain the impact of a potential cyber security event. Examples of outcome Categories within this Function include: Access Control; Awareness and Training; Data Security; Information Protection Processes and Procedures; Maintenance; and Protective Technology. So what is access control?