Regulation & Compliance

From Framework to Application: Identify With BitSight

Ben Fagan | July 1, 2015

This is the second post in a series exploring how Security Ratings can address key components of the NIST cybersecurity guidelines. You can read the first post here.

The NIST Cybersecurity Framework outlines five Framework Functions that organizations can use to better protect themselves against cyber threats. The first of these Framework Functions is Identify, which NIST describes as, “Develop the institutional understanding to manage cybersecurity risk to organizational systems, assets, data, and capabilities.” The Identify Framework Function is focused on the business context of security threats and defining a risk management strategy that maintains business continuity. Within this Framework Function, NIST further defines categories, subcategories and references from other widely adopted standards, such as COBIT (Control Objectives for Information and Related Technology) and ISO/IEC guidelines.

The NIST standards clearly place importance on the need for formalized risk management processes and communication of security posture throughout the enterprise. To address these challenges, many businesses have adopted BitSight Security Ratings for Benchmarking in order to effectively communicate performance to stakeholders and identify area of improvement. Below BitSight has provided a breakdown of how its product complements the NIST Identify Framework.

Screen_Shot_2015-07-02_at_9.41.40_AM

Suggested Posts

FFIEC IT Handbook Updates: Business Continuity Is 2020 Focus

In November 2019, the Federal Financial Institutions Examination Council (FFIEC) released an update to the Information Technology Examination Handbook (IT Handbook). This handbook is a guide for examiners at its member agencies, which...

READ MORE »

Australian Companies Now Have 6 Months For APRA Compliance

Early in 2019, unknown threat actors attempted to hack the Australian federal Parliament’s computer network and the servers used by every politician, staffer, and security officer in Parliament House. Authorities believe there is a strong...

READ MORE »

Texas Senate Bill 820: New Regulation Takes Aim at Cyber Threats in Education Sector

Schools and colleges are facing an alarming increase in cybersecurity incidents. Some hackers seek ransoms while others see value in scooping up personally identifiable information to sell to identity thieves.

READ MORE »

Subscribe to get security news and updates in your inbox.