In: Computer Science
Describe when some cybersecurity framework controls cannot be implemented (such as on a personal laptop, IoT, and other mobile devices).
A Cybersecurity framework is a set of controls that when met, represents a fully functional cybersecurity program. The two most common cybersecurity frameworks are the NIST Cybersecurity Framework and ISO-27000, although there are dozens of different frameworks that serve the needs of different industries. Some frameworks are focused around specific industries while others just vary in wording and controls. 84% of organizations in the US utilize a cybersecurity framework, and 44% use more than one according to Tenable.
Cyber security Framework controls cannot be implemented on devices such as laptops, LoT’s and other mobile devices due to following reasons:
Identify: Identify is focused on laying the groundwork for an effective cybersecurity program. Controls in this group include conducting a risk assessment, inventorying IT assets, and creating a comprehensive risk management strategy. By identifying risks and documenting where sensitive data is stored your organization can ensure controls are effectively implemented to protect the most critical business processes and most valuable data.
Protect: The protect function involves implementing technology and creating processes to ensure the adequate protection of data. These controls include providing employees with security awareness training, employing protective technologies such as anti-virus, and access controls.
Detect: Detecting potential cybersecurity incidents is critical. Many companies only find out they have been breached when their proprietary or customer information is sold on the dark web. The Detect function of the NIST Cybersecurity framework involves controls designed to ensure your organization detects potential incidents when they occur.
Respond: No matter how good your cybersecurity posture is, incidents can still happen. Controls found in the response function focus on ensuring that your organization has the capacity to rapidly and efficiently respond to a cybersecurity incident. When an incident occurs seconds matter.
Recover: Recovering from a cybersecurity incident can be tough. You have to worry about managing brand reputation, restoring functionality to IT assets, and ensuring that your systems are clean. Controls in the Recover function cover lessons learned, planning for recovery before the incident, and testing recovery processes.
Unless a specific framework is mandated by their industry or regulatory body, most companies should focus on following the NIST Cybersecurity Framework. It is comprehensive, understandable, and meets many compliance requirements by default. By following the NIST Cybersecurity Framework you can be confident that you are adhering to cybersecurity best practices.