What is framework and why can it be useful ?

Posted by mowus005 on

Date: 1/27/19

Details

With the U.S and the rest of the world being ushered more and more into a cyber age, the use of technology in individual lives, communities, businesses, organizations, and other institutes has been increasing swiftly. Although this is seen as something positive, it comes with disadvantages like the increase of cyber attacks and their devastation. This is why certain measures must be set and implemented in order to prevent a breach of security. This is where the framework comes into the equation. A framework is a risk-based approach to managing cybersecurity contingencies. It is not an alternative to cybersecurity programs and risk management processes but rather complements them. The framework comprises of three parts; the framework core, framework implementation tiers, and a framework profile. The framework core is the common activities, outcomes and relevant references that enables functional communication from all levels within an organization. Tiers are basically the organizations perspective on cybersecurity and the measures used to handle risks. A framework profile is a representation of the outcomes of business needs derived from framework categories and subcategories(“01b – NIST_Improving Cybersecurity.pdf”, 2019). According to the National Institute of Standards and Technology, the five core activities of cybersecurity framework are as follows: First comes the Identity, this involves understanding everything about the business and its critical functions in order to create a more consistent risk management process. Next is Protect which helps lessens the impact of potential cyber threats. Detect is set in place to discover actual cyber attacks occurring. Respond occurs after detection and basically, it involves taking the appropriate action towards the treat to stop it. Finally Recover is the business bouncing back on its feet and restoring any damage. Not only is restoration occurring but also improvements are being made. The usefulness of the framework can clearly be seen through these core activities that not only reduce and manage cyber risk but also improve resilience against them.            

 

References

01b – NIST_Improving Cybersecurity.pdf. (2019). Retrieved from https://drive.google.com/open?id=1wPp9kofp-gdlu3NAisszeM8d8ko1djF1

Leave a Reply

Your email address will not be published. Required fields are marked *