Analecta Cyber Company Blog: NIST Cybersecurity Framework Category: Protect

NIST Cybersecurity Framework Category: Protect

Overview | Identify | Protect | Detect | Respond | Recover | Index

During a threat, safeguarding critical assets should be the first priority. Direct control of physical assets will mitigate the impact of an intrusion. Protective technologies go hand in hand with cyber resiliency and are necessary in keeping the company true to its mission.

Eyes scanning - user and asset authentication Analecta Cyber2019-05-07 | NIST > Protect
Who are Your Users? Personnel and Asset Authentication to Reduce Cyber Risk
Authentication: Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to a system’s resources. - NIST CSF

man drawing gears - Analecta Cyber graphic2019-05-21 | NIST > Protect
Know and Maintain Your Information Systems Baseline
When you incorporate least functionality into your systems, your organization configures the devices to only provide essential capabilities and lock down the remaining functions, protocols and ports.

Patch management - stay ahead by planning ahead2019-04-23 | NIST > Protect
Patch Management: Stay Ahead by Planning Ahead
Patch management is the process of identifying, acquiring, installing and verifying patches for products and systems. Some of these patches are intended to correct security and functionality problems in software and firmware.

fiber optics cable tube graphics - Analecta cyber2019-03-19 | NIST > Protect
Increase Server Capacity and Bandwidth to Reduce the Effects of DDoS Attacks and Server Crashes
You can’t anticipate DDoS attacks, but you can anticipate periods of high demand. Make sure you have enough capacity and bandwidth before you experience heavy usage to keep you up and running.

Employee screening cybersecurity in human resources practices2019-03-12 | NIST > Protect
Including Cybersecurity in Human Resources Practices
HR professionals manage and protect personally identifiable information (PII) data - the most sought-after resource for criminals involved with identity theft.

Trust center dashboard office 365 - Macro settings2019-03-05 | NIST > Protect
Take Charge Over the Masses: Administratively Disable Macros
Trust Center dashboard in Office 365: Macro settings warn that it is not recommended to blindly enable all macros to run automatically.

Restricting software on domain controller computer - Analecta Cyber graphic2019-02-26 | NIST > Protect
Who is Installing Software on YOUR Computers?
Without the right controls in place, personnel may be tempted to install unapproved software on your organization’s systems. This could introduce an unacceptable amount of risk to your devices and make them vulnerable to attack.

When a Locked Door Isn’t Enough - Controlling Physical Access to Information Systems2018-12-04 | NIST > Protect
When a Locked Door Isn’t Enough: Controlling Physical Access to Information Systems
Physical security requires more than putting a lock on the front door of your organization and calling it good. Consider a layered approach where each layer of security control complements.

Cryptographic Hashes - Verifying the Integrity of Your File System Baseline - Analecta LLC Graphic2018-10-16 | NIST > Protect
Cryptographic Hashes: Verifying the Integrity of Your File System Baseline
There are many applications that can create a cryptographic hash (or unique fingerprint) of a file or file system. MD5 and SHA Checksum Utility 2.1 is but one of a handful of hash-producing tools.

2018-08-14 | NIST > Protect
Putting Information Security on Everyone’s Mind
Studies have shown that user behavior is a contributing factor in 70% to 95% of malware infections. Modifying risky behavior through consistent and thorough employee training can reduce these proportions by 45% to 70%.

2018-07-31 | NIST > Protect
Restricting Removable Devices on Network Machines Part 2: Disabling Host Machine Ports
Limit USB usage on company computers by disconnecting ports from the motherboard, disconnecting ports from the case or by removing them completely. USB drives that cannot be removed/disabled can be reserved for mouse and keyboard use only

2018-07-24 | NIST > Protect
Restricting Removable Devices on Network Machines Part 1: User Education
Hackers play the curiosity card by leaving thumb drives like these in company parking lots to lure potential victims. Bogus files labeled “Employee Raises” will begin to transfer malware, spyware or ransomware once opened.


2018-04-17 | NIST > Protect
Managing Remote Access Logs: Tracking Authorized Users to Limit Unauthorized Access
Remote access to systems eases many administrative and employee functional burdens, but comes at a high risk as it can inadvertently provide access to hackers.

2018-04-10 | NIST > Protect
Security Actions for Each Phase of an Information System Development Life Cycle
Incorporating security measures early into each phase of the SDLC will enable your business to adapt to emerging threats without costly patchwork fixes.

2018-04-01 | NIST > Protect
Data Encryption Compliance with the NIST Cybersecurity Framework
The underlying mechanism of encryption/decryption is transparent to most users who will not notice anything different during system authentication. Even if encrypted data is compromised and falls into the hands of malicious actors, it's confidentiality remains intact.

2018-03-25 | NIST > Protect
Implementing Secure Administrator Best Practices: Using the Principle of Least Privilege
A deployment of defenses can be quickly destroyed if critical accounts are compromised by a malicious network attack or hackers determined to wreak havoc.

No comments :

Post a Comment