Discussion Board: The NIST Cybersecurity Framework
If all organizations utilize all three components of Framework’s system, they minimize their chances of experiencing security breaches and assessing their risks and data management more efficiently. Specifically, by developing a Target Profile using the Tiers scale, it will “influence prioritization within a Target Profile and assessments of progress in addressing gaps,” (Cybersecurity Framework, pg. 9).
If I were to use this Framework for my future workplace, I would identify my companies cybersecurity goals, missions, and potential outcomes with the Core categories and subcategories and make a Current and Target Profile to track the company’s progress while prioritizing the Tiers scale to set an overall tone for the company’s cybersecurity goals.
Write Up: Components of a Business
Discussion Board: Protecting Availability
I would enforce a policy for all my employees to use strong passwords that would make it more difficult for any outside forces to access sensitive information within the company. Alongside using strong passwords, I would require all employees to use a two-factor authorization token such as sending a text to their phone or scan a QR code that is exclusive to their accounts. I believe these are the two easiest, but strongest methods of protecting the availability of my systems because it would allow for easy accessibility for employees, but make accessibility increasingly difficult for outside users.
Write Up: The CIA Triad