NIST Cybersecurity Framework | Infoblox
Select Page

Learn How We Can Help You Keep Teleworkers Protected During the COVID-19 Crisis

NIST

Best Practices and Standards for Cybersecurity

“As CIOs/CISOs are increasingly held accountable by the board for securing their business infrastructure, they are looking for ways to simplify assessing business risks by adopting industry standard best practices, such as the NIST Cybersecurity Framework. Hence, over 70 percent of IT organizations are already implementing or planning to implement NIST CSF in the next 18 months, to measure the security posture of their business infrastructure.”

Anthony James, VP of Product Marketing, Infoblox

What Is the NIST Cybersecurity Framework?

The U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is a set of best practices and standards that CISOs in both government and private companies are increasingly adopting to improve their overall cybersecurity. Organizations often fail to realize that they can leverage robust DDI services to satisfy some of the guidelines in the NIST CSF to reduce their overall business risks.

What Is the NIST Cybersecurity Framework?

The U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is a set of best practices and standards that CISOs in both government and private companies are increasingly adopting to improve their overall cybersecurity. Organizations often fail to realize that they can leverage robust DDI services to satisfy some of the guidelines in the NIST CSF to reduce their overall business risks.

Basic Components of the NIST Cybersecurity Framework

  • Core: Contains the array of activities, desired outcomes and references, which are applicable across all IT infrastructure components. It consists of five high-level functions: Identify, Protect, Detect, Respond and Recover. These are further divided into 23 categories and 108 subcategories.
  • Implementation Tiers: Provide context on how an organization views its cybersecurity risks and the processes in place to manage those risks. Tiers help organizations characterize their practices in each of the core functions and categories and prioritize the findings into four tiers: Partial, Risk Informed, Repeatable and Adaptive.
  • Profiles: Define the outcomes based on business needs that an organization has selected from the framework categories and subcategories. Your organization can use profiles to prioritize opportunities for improving its cybersecurity by comparing a “current” profile with a “target” profile (desired state).
Learn about the NIST Cybersecurity Framework.

Basic Components of the NIST Cybersecurity Framework

  • Core: Contains the array of activities, desired outcomes and references, which are applicable across all IT infrastructure components. It consists of five high-level functions: Identify, Protect, Detect, Respond and Recover. These are further divided into 23 categories and 108 subcategories.
  • Implementation Tiers: Provide context on how an organization views its cybersecurity risks and the processes in place to manage those risks. Tiers help organizations characterize their practices in each of the core functions and categories and prioritize the findings into four tiers: Partial, Risk Informed, Repeatable and Adaptive.
  • Profiles: Define the outcomes based on business needs that an organization has selected from the framework categories and subcategories. Your organization can use profiles to prioritize opportunities for improving its cybersecurity by comparing a “current” profile with a “target” profile (desired state).

BENEFITS OF THE NIST CYBERSECURITY FRAMEWORK

Applies to both public and private sectors throughout the United States and beyond.

Can co-exist with and take advantage of existing frameworks such as ISO, COBIT, FFIEC and form the basis for compliance programs such as FedRAMP.

Depicts an information security lifecycle that IT typically follows and understands.

Depicts an information security lifecycle that IT typically follows and understands.

Has a common taxonomy that can be applied across a wide variety of IT infrastructure components (network, endpoints, applications and data).

Enables your organization to ultimately reduce the risk of a successful cyberattack, increase the efficiency of cybersecurity budget allocation toward personnel and security controls and enhance security operations’ effectiveness and efficiency.

Read about the benefits and best practices of the NIST Cybersecurity Framework.

The NIST Cybersecurity Framework: Enabling Critical Defense

The NIST CSF addresses the lack of standards for security. It defines a set of best practices that enables IT organizations to effectively manage cybersecurity risks regardless of size, degree of cyberrisk or sophistication of attack. Organizations can voluntarily use this framework to determine their current level of cyberrisks, set goals for cybersecurity that are in sync with their business environment and make plans for improving or maintaining their security posture.

How to Get Started with the NIST Cybersecurity Framework

Download our white paper on the NIST Cybersecurity Framework to learn more. It briefly describes the relevance of DDI services and how they can help secure your critical infrastructure and data. It also discusses how the NIST CSF can improve your organization’s cybersecurity posture using the top 10 must-haves in the foundational network infrastructure services you deploy.

How to Get Started with the NIST Cybersecurity Framework

Download our white paper on the NIST Cybersecurity Framework to learn more. It briefly describes the relevance of DDI services and how they can help secure your critical infrastructure and data. It also discusses how the NIST CSF can improve your organization’s cybersecurity posture using the top 10 must-haves in the foundational network infrastructure services you deploy.

RELATED PRODUCTS

BloxOne™ Threat Defense
Unleash the full power of your security stack

Cybersecurity Ecosystem
Integrate your diverse security infrastructure

Advanced DNS Protection
Defend against the widest range of DNS-based attacks

Threat Intelligence
Stop threats using timely, accurate threat intelligence

[contact-form-7 id="10507" title="Contact form 1"]