New Cybersecurity Guidelines Released by White House, Part 1 -- Security Today

New Cybersecurity Guidelines Released by White House, Part 1

By Ginger Hill
Feb 12, 2014

To assist businesses in managing the growing risk of web-based attacks, the National Institute for Standards and Technology has assembled a 41-page cybersecurity framework as a guide for cybersecurity. Broken into 4 different tiers of protection according to varying risks and resources and introduced by the White House earlier today, President Obama signed the official order for this framework earlier this month.

“We cannot look back years from now and wonder why we did nothing in the fact of real threats to our security and our economy,” said Obama.

Below is the Framework Core, comprised of 4 elements that present key cybersecurity outcomes identified by specific industries. For the security industry, I think it would be beneficial to complete this core for as many verticals as possible, from education to oil and gas to fire and life safety to access control and beyond.

New Cybersecurity Guidelines Released by White House, Part 1

Functions Column – organizes basic cyber security activities; aids organizations in managing risk; addresses threats; and improves learning from previous activities.

Identify: manage cybersecurity risks by understanding business context, identifying resources used to support the business; creating risk management strategy.

Protect: implement safeguards to limit and/or contain the impact of unwanted cyber events.

Detect: implement activities to ensure a timely discover of unwanted cyber events.

Respond: take action quickly and effectively.

Recover: develop and implement a plan for resiliency and to restore business functions quickly.

Categories Column – groups of cybersecurity outcomes closely tied to particular activities.

Subcategories Column – specific outcomes of management activities.

Informative References Column – standards, guidelines and practices.

Once you have identified your company’s framework, it’s time to discover how your organization views cybersecurity risks and identify the processes in place to manage these risks by choosing the tier in which your business currently identifies with most.

Click here for Part 2 of this article where I introduce the tiers and give tips on how to select the correct tier for your company!

(Image from the official framework's PDF.)

About the Author

Ginger Hill is Group Social Media Manager.

If you like what you see, get more delivered to your inbox weekly.
Click here to subscribe to our free premium content.

comments powered by Disqus

SPONSORED VIDEO - Click here for more info.

Digital Edition

October 2019

Featuring:

• Expanding Cybersecurity Solutions
• The Mighty PoE
• Theft on Wheels
• Smart City Technologies
• Quality Control is Everything
View This Issue

New Cybersecurity Guidelines Released by White House, Part 1

The Secrets of Successful Cybersecurity Threat Hunters

Research: 5G Networks Still Vulnerable to Location Tracking, Downgrading Attacks

Gun Manufacturer Could be Held Liable for Sandy Hook Shooting

ADT Commercial Purchases Critical Systems

First: "Do No Harm." Are Active Shooter Drills Missing the Point?

Security Tech Company Raided, Charged With Selling Chinese-Made Equipment to Federal Agencies

Digital Edition

October 2019

Whitepapers

The AI (R)Evolution of Enterprise Security

Perimeter and Intruder Security for Educational Establishments

Webinars

Active Shooter: Student/Parent Reunification

How can the most optimized security solution in the industry help you?

Video Surveillance - What is the Trade-off Between Product Cost and Quality Solutions?