As a beginner in GRC, the NIST framework is one of the key frameworks you need to understand. I have simplified its concepts to make them more accessible for beginners. This way, if you ever need to explain these concepts, you’ll have a solid foundation and the confidence to articulate them effectively.

1. IDENTIFY: Understand what to protect and know the potential risks that could arise. Before protecting anything, you need to understand the organization's assets and data, where they are stored, and how they are processed.
   Do your asset inventory: determine the critical and non-critical assets, sensitive data, devices, software, etc.
   TOOLS
   - ServiceNow CMDB
   - NIST SP 800-30 (risk assessment guidance)
2. PROTECT: Set up defense mechanisms and barriers to keep threats out, while ensuring employee training and appropriate access to data.
   STEPS
   - Access Management: tools such as Okta and Azure AD ensure that only authorized individuals have access to data.
   - Encryption: TLS (Transport Layer Security) and SSL (Secure Sockets Layer); SSL is the deprecated predecessor of TLS, so new deployments should use TLS.
   - Don't forget that employee training is important; humans are always the weakest link in security.
3. DETECT: Identifying what went wrong is the first thing to do; potential threats and vulnerabilities need to be detected early enough.
   - SIEM tools such as IBM QRadar and Splunk analyze activity, monitor for suspicious behaviour, and raise alerts.
   - Intrusion Detection Systems such as Snort help greatly.
   - Endpoint Monitoring: CrowdStrike helps monitor devices such as laptops and phones in the organization.
4. RESPOND: Actions taken when a breach or security incident occurs.
   - An Incident Response Playbook provides step-by-step guides for handling specific incidents and scenarios.
   - Forensic analysis toolkits, and continuous communication with your team.
   - A prompt response plan supports your Business Continuity plan.
5. RECOVER: Business continuity after a breach, including the lessons learned from the security breach and the improvements made afterward to avoid future occurrences.
   TOOLS
   - Veeam Backup and Recovery is software that can help you recover lost data.
   - Acronis data protection software helps protect your data from breaches.
   - Conduct a post-incident review with your team to determine how the breach occurred and where to improve.
   Business can continue once all of these have been put in place.

The NIST framework helps in building resilience and identifying areas of risk in an organization.
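As an added example (not from the original post), the following Python script shows how the asset inventory from the IDENTIFY step can drive a control gap check across PROTECT, DETECT and RECOVER. The inventory rows, column names and the per-tier control requirements are constructed assumptions for illustration, not any specific tool's output.

```python
# Added example (not from the original post): an inventory-driven control gap
# check that ties IDENTIFY to PROTECT/DETECT/RECOVER. Asset rows, field names
# and the per-tier control requirements are constructed assumptions.
import csv
import io

# Constructed sample asset inventory (IDENTIFY): what exists and what it holds.
INVENTORY_CSV = """\
asset,owner,data_class,mfa,encrypted_at_rest,backup_days,edr
payroll-db,finance,PII,yes,no,1,no
crm-app,sales,PII,yes,yes,7,yes
wiki,it,internal,no,no,30,yes
build-server,eng,internal,no,yes,,yes
"""

# Controls expected per criticality tier, tagged with the CSF function served.
REQUIRED_CONTROLS = {
    "critical": [("PROTECT", "mfa", "MFA via Okta/Azure AD"),
                 ("PROTECT", "encrypted_at_rest", "encryption at rest"),
                 ("DETECT", "edr", "endpoint monitoring agent"),
                 ("RECOVER", "backup_days<=1", "daily backup")],
    "standard": [("DETECT", "edr", "endpoint monitoring agent"),
                 ("RECOVER", "backup_days<=30", "backup at least monthly")],
}


def classify(row):
    """IDENTIFY: an asset holding sensitive/regulated data is critical."""
    return "critical" if row["data_class"] in ("PII", "PHI", "PCI") else "standard"


def control_met(row, check):
    """Evaluate a yes/no flag, or a 'backup_days<=N' threshold, for one asset."""
    if "<=" in check:
        field, limit = check.split("<=")
        value = row[field].strip()          # empty means no backup configured
        return value != "" and int(value) <= int(limit)
    return row[check].strip().lower() == "yes"


def gap_report(inventory_csv=INVENTORY_CSV):
    """Return {asset: [(function, missing control), ...]} for assets with gaps."""
    gaps = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        missing = [(fn, desc) for fn, check, desc in REQUIRED_CONTROLS[classify(row)]
                   if not control_met(row, check)]
        if missing:
            gaps[row["asset"]] = missing
    return gaps
```

Running `gap_report()` on the constructed inventory flags the payroll database (no encryption at rest, no endpoint agent), the CRM (backups not daily) and the build server (no backup at all), while the wiki meets its standard-tier controls.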