Analecta Cyber Company Blog: NIST Cybersecurity Framework: Index


Analecta NIST Cybersecurity Framework Blog

2018-11-13 | NIST > Identify
Identify Your Critical Services, Functions and Dependencies
Your business comprises critical services and functions; protect these items first when implementing a cybersecurity plan.

2018-11-06 | NIST > Identify
Where Does Your Company Fit in Critical Infrastructure?
According to the U.S. Chamber of Commerce, 85% of our nation’s critical infrastructure is owned or operated by members of the private sector. Understanding that your industry is a component of the nation’s critical infrastructure may be straightforward.

2018-10-30 | NIST > Respond
Fully Understanding the Impact and Potential Cost of a Cybersecurity Incident
Cyber criminals are skilled at concealing their work. Identifying the true impact of a cyber incident may require expert technical and business analysis.

2018-10-23 | NIST > Respond
Protecting Your Company’s Data with Cyber Insurance
Notifying your insurance provider when you discover an incident is only one piece of the incident response puzzle. Find out what laws regarding notification apply to your industry and build them into your response plan.

2018-10-16 | NIST > Protect
Cryptographic Hashes: Verifying the Integrity of Your File System Baseline
There are many applications that can create a cryptographic hash (or unique fingerprint) of a file or file system. MD5 and SHA Checksum Utility 2.1 is but one of a handful of hash-producing tools.

2018-10-09 | NIST > Detect
Carefully Testing your Antivirus Software on the Web
Web browsers should notify users when they navigate to a potentially malicious website. Google’s Chrome browser includes a red background to drive the point home.

2018-10-02 | NIST > Detect
Detecting Malware Using a Centralized Antivirus Management System
SMBs are seeing more and more fake “Virus Detected” warnings that are usually ported via a website. Clicking on the “Update Now” button actually downloads the virus, trojan, worm or worse.

2018-09-25 | NIST > Detect
Don’t Ignore Antivirus Software Warnings
There is merit in knowing what your AV “Virus Detected” warnings look like. Many times, users will click on a bogus warning to remove infected files and actually download malware.

2018-09-04 | NIST > Identify
Finding Additional Resources for Threat and Vulnerability Information
FBI’s Internet Crime Complaint Center (IC3) publishes cyber actor and threat activity informational public service announcements. This May 2018 announcement reached numerous news outlets and warned of the havoc caused by hackers on routers and other network devices.

2018-08-28 | NIST > Identify
Data Classification 101: Protecting Data Based on the Function It Serves
The Government uses an information classification scheme to keep track of specific documents and how valuable they are with respect to the information they contain. This, in turn, classifies how they are protected, which parties have authority to access their contents, and more importantly, which parties should not have access.

2018-08-14 | NIST > Protect
Putting Information Security on Everyone’s Mind
Studies have shown that user behavior is a contributing factor in 70% to 95% of malware infections. Modifying risky behavior through consistent and thorough employee training can reduce these proportions by 45% to 70%.

2018-07-31 | NIST > Protect
Restricting Removable Devices on Network Machines Part 2: Disabling Host Machine Ports
Limit USB usage on company computers by disconnecting ports from the motherboard, disconnecting ports from the case or by removing them completely. USB drives that cannot be removed/disabled can be reserved for mouse and keyboard use only.

2018-07-24 | NIST > Protect
Restricting Removable Devices on Network Machines Part 1: User Education
Hackers play the curiosity card by leaving thumb drives like these in company parking lots to lure potential victims. Bogus files labeled “Employee Raises” will begin to transfer malware, spyware or ransomware once opened.

2018-07-10 | NIST > Recover
Keep Calm and Follow Your Response Plan
A data breach or attack can take a variety of forms. Knowing the network ahead of time and understanding how the traffic looks during normal operations will help the team use anomalies to identify where the attacker may be located.

2018-07-03 | NIST > Recover
A Full Program Perspective on Developing Your Recovery Plan
When a cyber incident strikes your company's information systems, critical business functions become jeopardized. The longer it takes to get back on track, the more devastating it can be to the organization.

2018-06-26 | NIST > Recover
Repairing Your Reputation Following an Incident
Once a company's reputation has been marred by a cyber breach, it will take a tremendous amount of time to put the pieces back together. Mistakes in the past become important lessons learned. Leveraging them can create a better version of your security platform for future events.

2018-06-19 | NIST > Respond
Holding a Lessons Learned After Recovery
There is a high likelihood that your first incident response and recovery experience will only be the beginning of a string of events throughout the course of your career. Each incident recovery will provide you and your incident response team valuable information that you can incorporate into your ever-developing recovery plan.

2018-06-12 | NIST > Respond
Identifying New Vulnerabilities and Implementing Mitigations
The incident response process can only be considered complete when there is an effective mitigation in place and the threat has been fully expelled from the network.

2018-06-05 | NIST > Respond
Why Have a Detection Platform if You Ignore it?
If someone invests in the hardware and software, as well as a rule-update subscription, why would they just let the system keep running without tracking down the alerts that are generated?

2018-05-29 | NIST > Respond
Collaborating with Threat Sharing Groups
Information sharing and analysis organizations (ISAOs) share cyber incident, threat and vulnerability info among their members. These organizations can be industry-based, sector-based, geography-based or any combination thereof.

2018-05-22 | NIST > Respond
Creating an Incident Response Plan
"We have a cyber incident. This is not a drill." Although this is not a declaration any business hopes to utter, the fact is we live in an era of nearly continuous data compromises.

2018-05-15 | NIST > Detect
Defining Incident Thresholds Before They are Needed
Incident thresholds are pre-set conditions that help security personnel resolve risks to the business.

2018-05-08 | NIST > Detect
The Importance of Understanding Your Company's Traffic Flow
NIST Cybersecurity Framework emphasizes knowing your network in intimate detail rather than knowing every possible threat that exists.

2018-05-01 | NIST > Detect
Improving the Intrusion Detection Process
Congratulations! You heeded the advice of implementing a security information and event monitoring (SIEM) system on your company's network, one that combines network monitoring and intrusion detection system (IDS) / intrusion protection system (IPS) alerts.

2018-04-24 | NIST > Detect
Using Network Monitoring to Identify Potential Security Threats
Hackers are targeting SMBs more often because they believe that these companies will be less likely to notice network attacks, let alone be equipped to handle them.

2018-04-17 | NIST > Protect
Managing Remote Access Logs: Tracking Authorized Users to Limit Unauthorized Access
Remote access to systems eases many administrative and employee functional burdens, but comes at a high risk as it can inadvertently provide access to hackers.

2018-04-10 | NIST > Protect
Security Actions for Each Phase of an Information System Development Life Cycle
Incorporating security measures early into each phase of the SDLC will enable your business to adapt to emerging threats without costly patchwork fixes.

2018-04-01 | NIST > Protect
Data Encryption Compliance with the NIST Cybersecurity Framework
The underlying mechanism of encryption/decryption is transparent to most users who will not notice anything different during system authentication. Even if encrypted data is compromised and falls into the hands of malicious actors, its confidentiality remains intact.

2018-03-25 | NIST > Protect
Implementing Secure Administrator Best Practices: Using the Principle of Least Privilege
A deployment of defenses can be quickly destroyed if critical accounts are compromised by a malicious network attack or hackers determined to wreak havoc.

2018-03-15 | NIST > Identify
Communicating Your Company's Mission, Objectives and Activities for Optimal Cybersecurity
The organization's mission, objectives, stakeholders and activities are understood and prioritized; this information is used to inform cybersecurity roles, responsibilities, and risk management decisions.

2018-03-06 | NIST > Identify
Making Sense of the NIST Cybersecurity Framework: Why You Need an Asset Inventory for Managing Cyber Risk
Organizations need to be able to identify, protect and manage anything that is required to conduct business. Content necessary for effective accountability of information system components should include hardware, network information and software specifications.