** CyberSecurity Certification Training: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "Cybersecurity Frameworks" will help you understand why and how the organizations are using the cybersecurity framework to Identify, Protect and Recover from cyber attacks.
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
2. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Improving Critical Infrastructure Cybersecurity
Why Cybersecurity Framework?
Types of Cybersecurity Framework
Cybersecurity Framework Components
Agenda
Steps to Implement Framework
Coordination of Framework Implementation
3. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Improving Critical Infrastructure Cybersecurity
Executive Order 13636
12 February 2013
“It is the policy of the United States to enhance the security and
resilience of the Nation’s critical infrastructure and to maintain a
cyber environment that encourages efficiency, innovation, and
economic prosperity while promoting safety, security, business
confidentiality, privacy, and civil liberties”
4. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
According to the Executive Order…
Align policy, business and
technological approaches to
address cyber risks
Prioritized, flexible, repeatable,
performance-based, and cost-
effective approach
Identify areas for improvement
to be addressed through future
collaboration
Be consistent with voluntary
international standards
5. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Why Cybersecurity Framework?
It Results in a shift from compliance to action and
specific outcomes
It has built-in maturity model and gap analysis so you
don't need additional maturity model on top of CSF
It gives you a measure of where you are and where you
need to go
It can be implemented in stages or degrees which makes
it more appealing to business
6. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
What Is Cybersecurity Framework?
The Framework is voluntary guidance,
based on existing guidelines, and
practices for organizations to better
manage and reduce cybersecurity risk.
CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
7. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Types of Frameworks
PCI-DSS
It is designed to
protect credit card,
debit card, and cash
card transactions
ISO 27001/27002
Best practice
recommendations for
information security
management and
information security
program elements.
CIS-Critical Security
Controls
cyber protection that
give noteworthy
approaches to stop the
present most
inescapable attacks
NIST Framework
Improving critical
infrastructure
Cybersecurity to improve
organization’s risks by
leveraging standard
methodologies and
processes
8. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
NIST: Most Popular among Frameworks
NIST framework was developed in Feb 2013 after US Presidential Executive order
To address national and
economic security challenges
Reduce cyber risks to critical
Infrastructure
To be voluntary
(for private sector)
Collaboratively developed with
stakeholders
9. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Objectives of the Framework
Adaptable,
flexible, and
scalable
Improve
Organization’s
readiness for
managing
cybersecurity risk
Flexible,
repeatable, and
performance
based
Cost-effective Leverage
standards,
methodologies
and processes
Promote
technology
innovation
Actionable across
the enterprise-
focus on outcomes
01 02 03 04 05 06 07
10. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Cybersecurity Framework Components
Framework
Profile
Framework
Implementation
Tiers
Framework
Core
Are an association’s novel
arrangement of their organizational
prerequisites and goals, and assets
against the coveted results of the
Framework Core.
Guides associations in overseeing and
decreasing their Cybersecurity
chances in a way that supplements an
association’s current Cybersecurity
and risk management processes.
Describes how cybersecurity
risk is managed by an organization
and degree the risk management
practices exhibit key characteristics
11. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Implementation Tiers
Tier 1
Partial
Tier 2
Risk Informed
Tier 3
Repeatable
Tier 4
Adaptive
The extent to which cybersecurity is considered in broader risk
management decisions
The degree to which the organization benefits my sharing or receiving
information from outside parties
The functionality and repeatability of cybersecurity risk managementRisk Management Process
Risk Management Program
External Participation
12. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Core
Respond
What processes and
assets need
protection?
What techniques
can restore
capabilities
What safeguards are
available?
What techniques
can identify
incidents?
What techniques
can contain impacts
on incidents?
13. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Core: Identify
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
This function helps with building up a
hierarchical comprehension in overseeing
cybersecurity to frameworks, individuals,
resources, information, and capacities
14. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profiles: Protect
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
This function develop and implement the
appropriate safeguards and controls to
ensure delivery of critical infrastructure
services
15. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profiles: Detect
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
This Function characterizes the fitting
exercises to recognize the event of a
Cybersecurity occasion. The Detect Function
empowers opportune revelation of
Cybersecurity occasions.
16. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profiles: Respond
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
This Function develop and implement the
appropriate activities and controls to identify
occurrence of a cybersecurity event. It
bolsters the capacity to contain the effect of a
potential Cybersecurity occurrence.
17. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profiles: Recover
Function Category ID
Identify
Asset Management ID.AM
Business Environment ID.BE
Governance ID.GV
Risk Assessment ID.RA
Risk Management Strategy ID.RM
Protect
Access Control PR.AC
Awareness and Training PR.AT
Data Security PR.DS
Information Protection Processes & Procedures PR.IP
Maintenance PR.MA
Protective Technology PR.PT
Detect
Anomalies and Events DE.AE
Security Continuous Monitoring DE.CM
Detection Processes DE.DP
Respond
Response Planning RS.RP
Communications RS.CO
Analysis RS.AN
Mitigation RS.MI
Improvements RS.IM
Recover
Recovery Planning RC.RP
Improvements RC.IM
Communications RC.CO
The Recover Function distinguishes proper
exercises to keep up plans for versatility and
to re-establish any abilities or administrations
that were impeded because of a
Cybersecurity event.
18. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Framework Profile
Profiles can be used to identify opportunities for improving
Cybersecurity posture by comparing the current profile (“as is”
state with the target profile (“to be” state)
19. CYBERSECURITY CERTIFICATION COURSE www.edureka.co/cybersecurity-certification-training
Steps to Implement Framework
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Prioritize & scope
Create a Current Profile Create a Target Profile
Orient Conduct a Risk Assessment Determine, analyze &
prioritize gaps
Step 7
Implement Action Plan