Cyber attacks and data breaches are no longer surprising. With the rash of highly motivated sophisticated attackers across the globe, many of us have come to terms with the idea that those things may be inevitable. But applying that notion to national critical infrastructure, like utilities, food supply, banking, or first responders, could have devastating consequences.
The Creation of a Framework
In February of 2013 the Executive Office of the President set into motion steps to improve the cybersecurity of US critical infrastructure. The Executive Order mandated the development of a voluntary risk based cybersecurity framework based on industry standards and best practices. This framework would help organizations manage their cybersecurity risk. NIST rolled up their sleeves, consulted with industry and the Framework for Improving Critical Infrastructure Cybersecurity, now referred to widely as the Cybersecurity Framework, came to be.
Not Just for Critical Infrastructure Anymore
The NIST developed framework uses business drivers and guidance to inform an organizational risk management process. It is designed to be flexible and customizable. While imagined for critical infrastructure it is now used widely as the de facto standard for risk management, not only across US government and private sector organizations but also internationally.
Achieving the Standard
Our sales and engineering teams are often asked how BeyondTrust supports implementation of the Cybersecurity Framework. We’ve taken a close look at the NIST guidance to align our solution capabilities to the core functions of Identity, Protect, Detect and Respond. Our new guide, Implementing NIST Cybersecurity Framework Standards with BeyondTrust Solutions, details the Cybersecurity Framework functions that include areas of privileged access management, vulnerability management, behavioral and threat analytics guidelines and practices supported by BeyondTrust as they align to the specific NIST SP800-53.r4 controls referenced in the framework.
You Don’t Have to do it Alone
If you are considering implementing the NIST Cybersecurity Framework guidance in your risk management strategy, contact us for a strategy session. BeyondTrust has the experience and solutions support your cybersecurity goals.
Scott Lang, Sr. Director, Product Marketing at BeyondTrust
Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.