Analecta Cyber Company Blog: NIST Cybersecurity Framework: Index


Analecta NIST Cybersecurity Framework Blog

2019-05-21 | NIST > Protect
Know and Maintain Your Information Systems Baseline
When you incorporate least functionality into your systems, your organization configures the devices to only provide essential capabilities and lock down the remaining functions, protocols and ports.

2019-05-07 | NIST > Protect
Who are Your Users? Personnel and Asset Authentication to Reduce Cyber Risk
Authentication: Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to a system’s resources. - NIST CSF

2019-04-23 | NIST > Protect
Patch Management: Stay Ahead by Planning Ahead
Patch management is the process of identifying, acquiring, installing and verifying patches for products and systems. Some of these patches are intended to correct security and functionality problems in software and firmware.

2019-04-16 | NIST > Identify
Stay Ahead of Risk: Making a Better Risk Assessment
Keeping balance: Deciding between Business Risk Assessment and Business Impact Analysis.

2019-04-09 | NIST > Detect
Ensuring Accountability: Define Detection Roles and Responsibilities
Who in your company is managing your Cybersecurity efforts? If it is the CEO, the multi-hat-wearing sys admin or no one, we need to talk! A dedicated Chief Information Security Officer (CISO) is crucial in designing and retaining a secure posture for the entire company.

2019-04-02 | NIST > Identify
The Cyber Supply Chain Risk Management Processes: Bringing Everyone On Board
NIST recommends that businesses develop their defenses based on the idea that their systems will be breached at some point.

2019-03-26 | NIST > Identify
Avoid Supply Chain Compromise by using the NIST Cybersecurity Risk Management Process
The operational successes of these supply chain linkages in business sectors and other entities are also determined by how well they handle and respond to cybersecurity challenges.

2019-03-19 | NIST > Protect
Increase Server Capacity and Bandwidth to Reduce the Effects of DDoS Attacks and Server Crashes
You can’t anticipate DDoS attacks, but you can anticipate periods of high demand. Make sure you have enough capacity and bandwidth before you experience heavy usage to keep you up and running.

2019-03-12 | NIST > Protect
Including Cybersecurity in Human Resources Practices
HR professionals manage and protect personally identifiable information (PII) data - the most sought-after resource for criminals involved with identity theft.

2019-03-05 | NIST > Protect
Take Charge Over the Masses: Administratively Disable Macros
Trust Center dashboard in Office 365: Macro settings warn that it is not recommended to blindly enable all macros to run automatically.

2019-02-26 | NIST > Protect
Who is Installing Software on YOUR Computers?
Without the right controls in place, personnel may be tempted to install unapproved software on your organization’s systems. This could introduce an unacceptable amount of risk to your devices and make them vulnerable to attack.

2019-01-22 | NIST > Identify
Establishing Your Company's INFOSEC Policy
It is important to customize the policy to fit your industry and business requirements. Most industries must account for specific data handling laws within the INFOSEC policy.

2019-01-15 | NIST > Respond
Calling a Spade a Spade… Incident Classification and Your Response Plan
An Incident Severity Rating Matrix pairs the Likelihood of an event occurring in your environment to the Impact it will have on your networks and systems.

2019-01-08 | NIST > Detect
Log Aggregators: Deciding Between Off the Shelf or Rolling Your Own
Logging gives information about your internal network so you can quickly identify malicious events. However, anomalies cannot be detected unless logs are being audited. It is far more effective to find trends across more complete datasets, rather than examining individual logs.

2018-12-31
New Year's Resolutions for Cybersecurity Best Practices
After the ball has dropped and all of the confetti has been cleaned up, there’s only one more thing to do - jump into 2019 with a renewed focus on cybersecurity

2018-12-25
Holiday Greeting - 2018, 2019 and Remembering What it's All About
Holiday Greetings! Here's wishing you, your family and everyone involved with your company a Merry Christmas.

2018-12-18
Analecta’s “The Twelve Days of Cybersecurity”
This version of a holiday classic will keep you in a festive spirit while reminding you about specific cyber concerns, and how to prevent cyber threats to your company.

2018-12-11 | NIST > Recover
Improving Your Recovery Process After a Cyber Incident
After you encounter your first cyber incident and have implemented your pre-existing recovery plan, it’s important to take a step back and see what happened.

2018-12-04 | NIST > Protect
When a Locked Door Isn’t Enough: Controlling Physical Access to Information Systems
Physical security requires more than putting a lock on the front door of your organization and calling it good. Consider a layered approach where each layer of security control complements.

2018-11-27 | NIST > Detect
Cloud Computing and Storage Technology That’s Down to Earth
Global cloud computing and storage solutions provide a secure and cost-effective means for companies to build and grow to meet ever-demanding needs from their customers.

2018-11-20 | NIST > Detect
Protecting Your Network From Ransomware
Two things to remember above all else: 1) The IRS does not make phone calls and 2) the FBI doesn’t tell you to pay a fine to unlock your files. The image on the left is a bogus popup stating that your machine has been locked by the FBI and that you must pay a fine to unlock it or face arrest and jail time.

2018-11-13 | NIST > Identify
Identify Your Critical Services, Functions and Dependencies
Your business comprises critical services and functions; protect these items first when implementing a cybersecurity plan.

2018-11-06 | NIST > Identify
Where Does Your Company Fit in Critical Infrastructure?
According to the U.S. Chamber of Commerce, 85% of our nation’s critical infrastructure is owned or operated by members of the private sector. Understanding that your industry is a component of the nation’s critical infrastructure may be straightforward.

2018-10-30 | NIST > Respond
Fully Understanding the Impact and Potential Cost of a Cybersecurity Incident
Cyber criminals are skilled at concealing their work. Identifying the true impact of a cyber incident may require expert technical and business analysis.

2018-10-23 | NIST > Respond
Protecting Your Company’s Data with Cyber Insurance
Notifying your insurance provider when you discover an incident is only one piece of the incident response puzzle. Find out what laws regarding notification apply to your industry and build them into your response plan.

2018-10-16 | NIST > Protect
Cryptographic Hashes: Verifying the Integrity of Your File System Baseline
There are many applications that can create a cryptographic hash (or unique fingerprint) of a file or file system. MD5 and SHA Checksum Utility 2.1 is but one of a handful of hash-producing tools.

2018-10-09 | NIST > Detect
Carefully Testing your Antivirus Software on the Web
Web browsers should notify users when they navigate to a potentially malicious website. Google’s Chrome browser includes a red background to drive the point home.

2018-10-02 | NIST > Detect
Detecting Malware Using a Centralized Antivirus Management System
SMBs are seeing more and more fake “Virus Detected” warnings that are usually ported via a website. Clicking on the “Update Now” button actually downloads the virus, trojan, worm or worse.

2018-09-25 | NIST > Detect
Don’t Ignore Antivirus Software Warnings
There is merit in knowing what your AV “Virus Detected” warnings look like. Many times, users will click on a bogus warning to remove infected files and actually download malware.

2018-09-04 | NIST > Identify
Finding Additional Resources for Threat and Vulnerability Information
FBI’s Internet Crime Complaint Center (IC3) publishes cyber actor and threat activity informational public service announcements. This May 2018 announcement reached numerous news outlets and warned of the havoc caused by hackers on routers and other network devices

2018-08-28 | NIST > Identify
Data Classification 101: Protecting Data Based on the Function It Serves
The Government uses an information classification scheme to keep track of specific documents and how valuable they are with respect to the information they contain. This, in turn, classifies how they are protected, which parties have authority to access their contents, and more importantly, which parties should not have access.

2018-08-14 | NIST > Protect
Putting Information Security on Everyone’s Mind
Studies have shown that user behavior is a contributing factor in 70% to 95% of malware infections. Modifying risky behavior through consistent and thorough employee training can reduce these proportions by 45% to 70%.

2018-07-31 | NIST > Protect
Restricting Removable Devices on Network Machines Part 2: Disabling Host Machine Ports
Limit USB usage on company computers by disconnecting ports from the motherboard, disconnecting ports from the case or by removing them completely. USB drives that cannot be removed/disabled can be reserved for mouse and keyboard use only

2018-07-24 | NIST > Protect
Restricting Removable Devices on Network Machines Part 1: User Education
Hackers play the curiosity card by leaving thumb drives like these in company parking lots to lure potential victims. Bogus files labeled “Employee Raises” will begin to transfer malware, spyware or ransomware once opened.

2018-07-10 | NIST > Recover
Keep Calm and Follow Your Response Plan
A data breach or attack can take a variety of forms. Knowing the network ahead of time and understanding how the traffic looks during normal operations will help the team use anomalies to identify where the attacker may be located.

2018-07-03 | NIST > Recover
A Full Program Perspective on Developing Your Recovery Plan
When a cyber incident strikes your company's information systems, critical business functions become jeopardized. The longer it takes to get back on track, the more devastating it can be to the organization.

2018-06-26 | NIST > Recover
Repairing Your Reputation Following an Incident
Once a company's reputation has been marred by a cyber breach, it will take a tremendous amount of time to put the pieces back together. Mistakes in the past become important lessons learned. Leveraging them can create a better version of your security platform for future events.

2018-06-19 | NIST > Respond
Holding a Lessons Learned After Recovery
There is a high likelihood that your first incident response and recovery experience will only be the beginning of a string of events throughout the course of your career. Each incident recovery will provide you and your incident response team valuable information that you can incorporate into your ever-developing recovery plan.

2018-06-12 | NIST > Respond
Identifying New Vulnerabilities and Implementing Mitigations
The incident response process can only be considered complete when there is an effective mitigation in place and the threat has been fully expelled from the network.

2018-06-05 | NIST > Respond
Why Have a Detection Platform if You Ignore it?
If someone invests in the hardware and software, as well as a rule-update subscription, why would they just let the system keep running without tracking down the alerts that are generated?

2018-05-29 | NIST > Respond
Collaborating with Threat Sharing Groups
Information sharing and analysis organizations (ISAOs) share cyber incident, threat and vulnerability info among their members. These organizations can be industry-based, sector-based, geography-based or any combination thereof.

2018-05-22 | NIST > Respond
Creating an Incident Response Plan
"We have a cyber incident. This is not a drill." Although this is not a declaration any business hopes to utter, the fact is we live in an era of nearly continuous data compromises.

2018-05-15 | NIST > Detect
Defining Incident Thresholds Before They are Needed
Incident thresholds are pre-set conditions that help security personnel resolve risks to the business.

2018-05-08 | NIST > Detect
The Importance of Understanding Your Company's Traffic Flow
NIST Cybersecurity Framework emphasizes knowing your network in intimate detail rather than knowing every possible threat that exists.

2018-05-01 | NIST > Detect
Improving the Intrusion Detection Process
Congratulations! You heeded the advice of implementing a security information and event monitoring (SIEM) system on your company's network, one that combines network monitoring and intrusion detection system (IDS) / intrusion protection system (IPS) alerts.

2018-04-24 | NIST > Detect
Using Network Monitoring to Identify Potential Security Threats
Hackers are targeting SMBs more often because they believe that these companies will be less likely to notice network attacks, let alone be equipped to handle them.

2018-04-17 | NIST > Protect
Managing Remote Access Logs: Tracking Authorized Users to Limit Unauthorized Access
Remote access to systems eases many administrative and employee functional burdens, but comes at a high risk as it can inadvertently provide access to hackers.

2018-04-10 | NIST > Protect
Security Actions for Each Phase of an Information System Development Life Cycle
Incorporating security measures early into each phase of the SDLC will enable your business to adapt to emerging threats without costly patchwork fixes.

2018-04-01 | NIST > Protect
Data Encryption Compliance with the NIST Cybersecurity Framework
The underlying mechanism of encryption/decryption is transparent to most users, who will not notice anything different during system authentication. Even if encrypted data is compromised and falls into the hands of malicious actors, its confidentiality remains intact.

2018-03-25 | NIST > Protect
Implementing Secure Administrator Best Practices: Using the Principle of Least Privilege
A deployment of defenses can be quickly destroyed if critical accounts are compromised by a malicious network attack or hackers determined to wreak havoc.

2018-03-15 | NIST > Identify
Communicating Your Company's Mission, Objectives and Activities for Optimal Cybersecurity
The organization's mission, objectives, stakeholders and activities are understood and prioritized; this information is used to inform cybersecurity roles, responsibilities, and risk management decisions.

2018-03-06 | NIST > Identify
Making Sense of the NIST Cybersecurity Framework: Why You Need an Asset Inventory for Managing Cyber Risk
Organizations need to be able to identify, protect and manage anything that is required to conduct business. Content necessary for effective accountability of information system components should include hardware, network information and software specifications.