This blog post is an excerpt from GovLoop's recent Research Brief, "Where Government & the NIST Cybersecurity Framework Meet."
The National Institute of Standards and Technology (NIST) works to promote U.S. innovation and competitiveness by advancing science, standards and related technology through research and development in ways that enhance economic security and improve quality of life. To help the nation address its greatest information security challenges, NIST’s cybersecurity programs seek to enable greater development and application of innovative security technologies. More specifically, NIST provides guidelines for federal, state and local agencies to help them address the nation’s greatest challenges, like cyberthreats.
That’s why, in 2014, the institute developed the NIST Cybersecurity Framework (CSF), which was created through collaboration between industry and government. The CSF consists of standards, guidelines and practices to promote the protection of critical infrastructure and improve government security.
To gauge how government is using the Cybersecurity Framework and its effectiveness, GovLoop partnered with Symantec, a leader in addressing advanced security threats, to survey 284 public-sector employees. The survey focused on the CSF’s usage, perception and outcomes in government cybersecurity.
GovLoop also interviewed Kevin McPeak, Certified Information Systems Security Professional (CISSP) and Principal Cyber Architect for the Federal Sector at Symantec, to gain a better understanding of the survey results and specific ways government can use the Cybersecurity Framework to strengthen its cyber posture.
Having a cyber framework in place yields many benefits for agencies, particularly in knowing where to start combating cyberthreats or implementing recommendations. While following NIST’s recommendations does not necessarily guarantee elimination of cyberthreats, it will significantly improve an agency’s cybersecurity posture.
Survey respondents agreed. Sixty-eight percent of survey respondents said their confidence levels in the Cybersecurity Framework were high (Figure 8), while 85 percent believe that using the CSF will help reduce their cyberrisk (Figure 9).
In addition to better security, agencies can reap other benefits by leveraging the CSF, including decreased costs, better prioritizing of resources and reduced redundancies.
A big part of successful CSF outcomes is using the right tools. “You want to make sure you’re matching your solution to your agency’s specific needs,” McPeak said. “You can then identify where you have redundant solutions in place and clarify what you have and what you’re missing. That way, you can streamline efforts and reduce your total costs by identifying what you really need to spend money on.”
Agencies need the right tools to help ensure successful CSF implementation and outcomes. Solutions like Advanced Threat Protection (ATP) platforms can help you visually map out your IT environment and where you need to prioritize resources based on your agency’s mission. Such platforms can help uncover, prioritize, investigate and remediate advanced threats across multiple control points from a single console.
An agency can streamline its efforts and save on costs by prioritizing anomalous events, allowing security analysts to focus on what matters most. IT leaders can uncover stealthy threats that others miss by leveraging large civilian threat intelligence networks. Incident responders are then notified as soon as an organization has been identified as a target of an active attack campaign. ATP platforms can help agencies carry out these practices to better guarantee successful outcomes:
1. Detect, prioritize, investigate and remediate threats across multiple control points in a single console.
2. Uncover stealthy threats across endpoints, network, email and web traffic.
3. Prioritize what matters most by correlating across events from all control points for complete visibility and faster remediation.
4. Contain and remediate any potential cyberattack in minutes, with a single click.
Ultimately, with ATP, your agency can better repair any gaps in its cyber defense. Whatever you may have overlooked or not properly allocated enough resources toward, ATP can help you better detect and remediate such gaps. Paired with ATP, the CSF can help agencies apply more focus on critical areas, based on individual agency mission requirements. Agencies can achieve better return on investment knowing that they are not just throwing money aimlessly into components of their IT infrastructure that are not critical to the agency or vulnerable to threats.