The UK Government-backed Cyber Essentials Plus data security framework is now in force. Designed to advance cybersecurity best practices in the face of sophisticated attacks, the grace period for Cyber Essentials Plus expired in January 2023. Today, if your business wants to work with the Ministry of Defence, you must obtain a Cyber Essentials Plus certification. But there’s a new framework in town. And its name is NIST.
The National Institute for Standards and Technology Cybersecurity Framework is not all that new. But this US government initiative is gaining more traction in the UK and Europe. Cyber Essentials Plus has now firmly entrenched in the UK IT psyche. However, we expect NIST to become a hot topic of conversation as we progress through 2023.
Time to shore up your defences
Companies have plenty of good reasons to shore up their cybersecurity defences. According to the latest government cybersecurity breaches survey, 39% of UK businesses experienced a cyberattack last year. Nearly one in three of these organisations estimated they were attacked at least once a week. The most common threat vector was phishing attempts. Yet, 21% identified a more sophisticated attack type, such as a denial of service, malware, or ransomware attack.
In a similar way to Cyber Essentials Plus, the NIST cybersecurity framework was designed to give organisations a structure for compliance, assessing and improving their ability to prevent, detect, and respond to cyber incidents. Its primary focus was on US critical infrastructure, such as the national electric power grid, banking, communications, and transportation systems. The framework became mandatory for the US public sector in 2017. It now has a global network of users, including many organisations in the UK.
It comprises five pillars, all working continuously to form the foundations of successful cybersecurity risk management. The five pillars are Identify, Protect, Detect, Respond, and Recover, and UK-based organisations are using them to lay the foundations for heightened cybersecurity protection.
Identify
The Identify phase helps organisations to understand their current security environment fully. It ensures they can successfully manage any threats. It includes assessing data, systems, and assets, helping organisations to identify risks within the context of their business and industry.
Protect
The Protect phase instructs organisations how to understand their cybersecurity risks, and evaluate whether their safeguards offer sufficient protection. This phase is concerned with an organisation’s capability to contain or limit any impacts arising from cybersecurity events.
Detect
The Detect phase lays out the essential processes necessary to identify cybersecurity events as they happen. It emphasises timely detection to allow for the proper response to be initiated. From detecting anomalies, to tracking data and assets, and maintaining detection processes, Detect ensures the availability and reliability of your chosen cybersecurity protocols.
Respond
The Respond phase deals with the containment of cybersecurity threats and incidents. It focuses on response planning, ensuring a timely resolution using properly executed procedures and processes, communication, and analysis. This phase also details activities that can prevent the cybersecurity event from expanding while eradicating or counteracting its effects.
Recover
Lastly, the Recover phase enables organisations to heighten business resilience. It seeks to quickly restore compromised services, capabilities, and capacities to ensure everything works as intended. Organising recovery procedures based on priority, reviewing events, and strengthening the future recovery strategy, as well as coordinating communication with all stakeholders to ensure the successful restoration of services, are all hallmarks of the Recover phase.
With a combination of Cyber Essentials Plus and the NIST framework, your organisation can build defences against costly downtime, escape reputational damage and loss of goodwill, and avoid theft of intellectual property, as well as improve supply chain security.
If you’re looking for more ways to stay vigilant against attack, we’ve outlined a 20-point compliance and protection plan. It will help you oversee hardware devices, software and firmware updates, secure configurations, password management, malware protection, and identity and access management. It might be exactly what you need to guard against financial and data loss.
JumpCloud is a zero-trust directory platform that allows customers to authenticate, authorise, and manage users, devices, and applications. The company’s open directory platform makes it possible to unify your technology stack across identity, access, and device management, in a cost-effective manner that doesn’t sacrifice security or functionality.
