Cybersecurity Risk Management - Mastering the Fundamentals Using the Nist Cybersecurity Framework

Read more

Cybersecurity Risk Management
 
In Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, veteran technology analyst Cynthia Brumfield, with contributions from cybersecurity expert Brian Haugli, delivers a straightforward and up-to-date exploration of the fundamentals of cybersecurity risk planning and management. The book offers readers easy-to-understand overviews of cybersecurity risk management principles, user, and network infrastructure planning, as well as the tools and techniques for detecting cyberattacks. The book also provides a roadmap to the development of a continuity of operations plan in the event of a cyberattack.
 
With incisive insights into the Framework for Improving Cybersecurity of Critical Infrastructure produced by the United States National Institute of Standards and Technology (NIST), Cybersecurity Risk Management presents the gold standard in practical guidance for the implementation of risk management best practices.
 
Filled with clear and easy-to-follow advice, this book also offers readers:
* A concise introduction to the principles of cybersecurity risk management and the steps necessary to manage digital risk to systems, assets, data, and capabilities
* A valuable exploration of modern tools that can improve an organization's network infrastructure protection
* A practical discussion of the challenges involved in detecting and responding to a cyberattack and the importance of continuous security monitoring
* A helpful examination of the recovery from cybersecurity incidents
 
Perfect for undergraduate and graduate students studying cybersecurity, Cybersecurity Risk Management is also an ideal resource for IT professionals working in private sector and government organizations worldwide who are considering implementing, or who may be required to implement, the NIST Framework at their organization.

List of contents

Academic Foreword xiii
 
Acknowledgments xv
 
Preface - Overview of the NIST Framework xvii
 
Background on the Framework xviii
 
Framework Based on Risk Management xix
 
The Framework Core xix
 
Framework Implementation Tiers xxi
 
Framework Profile xxii
 
Other Aspects of the Framework Document xxiii
 
Recent Developments At Nist xxiii
 
Chapter 1 Cybersecurity Risk Planning and Management 1
 
Introduction 2
 
I. What Is Cybersecurity Risk Management? 2
 
A. Risk Management Is a Process 3
 
II. Asset Management 4
 
A. Inventory Every Physical Device and System You Have and Keep the Inventory Updated 5
 
B. Inventory Every Software Platform and Application You Use and Keep the Inventory Updated 9
 
C. Prioritize Every Device, Software Platform, and Application Based on Importance 10
 
D. Establish Personnel Security Requirements Including Third-Party Stakeholders 11
 
III. Governance 13
 
A. Make Sure You Educate Management about Risks 13
 
IV. Risk Assessment and Management 15
 
A. Know Where You're Vulnerable 15
 
B. Identify the Threats You Face, Both Internally and Externally 16
 
C. Focus on the Vulnerabilities and Threats That Are Most Likely AND Pose the Highest Risk to Assets 17
 
D. Develop Plans for Dealing with the Highest Risks 18
 
Summary 20
 
Chapter Quiz 20
 
Essential Reading on Cybersecurity Risk Management 22
 
Chapter 2 User and Network Infrastructure Planning and Management 23
 
I. Introduction 24
 
II. Infrastructure Planning and Management Is All about Protection, Where the Rubber Meets the Road 24
 
A. Identity Management, Authentication, and Access Control 25
 
1. Always Be Aware of Who Has Access to Which System, for Which Period of Time, and from Where the Access Is Granted 27
 
2. Establish, Maintain, and Audit an Active Control List and Process for Who Can Physically Gain Access to Systems 28
 
3. Establish Policies, Procedures, and Controls for Who Has Remote Access to Systems 28
 
4. Make Sure That Users Have the Least Authority Possible to Perform Their Jobs and Ensure That at Least Two Individuals Are Responsible for a Task 29
 
5. Implement Network Security Controls on All Internal Communications, Denying Communications among Various Segments Where Necessary 31
 
A Word about Firewalls 31
 
6. Associate Activities with a Real Person or a Single Specific Entity 32
 
7. Use Single- or Multi-Factor Authentication Based on the Risk Involved in the Interaction 33
 
III. Awareness and Training 34
 
A. Make Sure That Privileged Users and Security Personnel Understand Their Roles and Responsibilities 35
 
IV. Data Security 35
 
A. Protect the Integrity of Active and Archived Databases 35
 
B. Protect the Confidentiality and Integrity of Corporate Data Once It Leaves Internal Networks 36
 
C. Assure That Information Can Only Be Accessed by Those Authorized to Do So and Protect Hardware and Storage Media 37
 
D. Keep Your Development and Testing Environments Separate from Your Production Environment 38
 
E. Implement Checking Mechanisms to Verify Hardware Integrity 39
 
V. Information Protection Processes and Procedures 39
 
A. Create a Baseline of IT and OT Systems 40
 
B. Manage System Configuration Changes in a Careful, Methodical Way 41
 
A Word about Patch Management 42
 
C. Perform Frequent Backups and Test Your Backup Systems Often 43
 
D. Create a Plan That Focuses on Ensuring That Assets and Personnel Will Be A

About the author

Cynthia Brumfield is the President of DCT Associates and a veteran media, communications, and technology analyst who is now focused on cybersecurity. Backed by executive-level experience at top-tier U.S. communications trade associations, a premier investment analysis firm, and her own successful publication and consulting businesses, she has spearheaded research, analysis, consulting, publishing, and education initiatives for major organizations, including Fortune 500 corporations, security organizations, and federal government clients. In addition, she is an award-winning writer who currently runs a pioneering cybersecurity news destination, Metacurity, and writes regularly for top news outlets, including ongoing columns for CSO Online.
Brian Haugli is the Managing Partner and Founder of SideChannel. He has been driving security programs for two decades and brings a true practitioner's approach to the industry. He has led programs for the DoD, Pentagon, Intelligence Community, Fortune 500, and many others. In addition, Brian is a renowned speaker and expert on NIST guidance, threat intelligence implementations, and strategic organizational initiatives.