NIST and the NIS Directive / Regulations
NIST is the National Institute of Standards and Technology and they were selected for the task of developing the NIST Framework because they are a non-regulatory federal agency. They act as an unbiased source of scientific data and practices, including cybersecurity practices.
The framework was the result of a US executive order in 2013. By 2014 it was adopted globally, partly due to global organisations having a U.S. Headquarters and being U.S. owned. Organisations such as Google, Amazon/AWS, Paypal and Morgan Stanley.
The framework itself is made up of 5 functions; identify, protect, detect, respond and recover.
The functions are further broken down into 23 categories and underneath those categories are 108 sub-categories.
In August 2017 the UK government published the first version of the NIS Directive to guide suppliers of essential services to the Critical National Infrastructure. The NIS directive is closely aligned to the NIST Cyber Security Framework.
In June 2018 the Cabinet Office developed the minimum cyber security standard and it is also closely aligned to the NIST Cyber Security Framework.
With the UK leaving the EU, the NIS Directive has now become the NIS Regulations.
The remit of business’s security functions is constantly changing and expanding.
Organising your security operations into headings helps to introduce a workflow in order to assign activities to teams or individuals.
IP-Performance have a variety of products and services which are aligned with these frameworks. Our aim is to be able to offer assistance at any of the stages of your journey in a way that is complimentary to standards and best practice.
-
IP Performance have worked as a trusted networking and cyber security partner with SCCB for many years. I highly recommend IP Performance. The team are highly responsive and extremely knowledgeable. Their networking and security solutions provided to us are well designed to meet our specific needs and the pricing is always very competitive. I have full trust in IP Performance to help us keep our IT systems at SCCB resilient, efficient, and secure.
Dave Birks, IT Services,
South and City College Birmingham
