Monday 10th May 2021

NIST Detect – video explainer

The NIST Cyber Security Framework (CSF) has 5 primary functions: Identify, Protect, Detect, Respond and Recover.

Once identified and protected, your assets need to be monitored to detect incursions against your defences. The detect function requires that you develop, maintain and implement the appropriate activities which identify the occurrence of a cyber security event in a timely manner.

Categories within this Function include:

Anomalies & Events: Your activities and systems will detect unusual activity as soon as possible; the impact of events is understood by the relevant people in your organisation
Security & Continuous Monitoring: You monitor your information system and business environment at appropriate specified intervals to identify cyber events in your organisation
Detection Processes: Procedures and processes for detection are implemented and tested to ensure timely visibility of cyber events

The detect function is a critical step in the NIST CSF cycle after establishing solid identify and protect platforms. Rapid detection of cyber security events will enable mitigation of the effects:

Anomalies & Events: Collect and analyse data from multiple points to detect an event
Security & Continuous Monitoring: Monitor your assets 24/7 or outsource
Detection Processes: Identify a breach as soon as possible and follow disclosure requirements where they apply; you should be able to detect inappropriate access to your system

Detecting a breach or cyber security event is essential. Give your organisation the best possible chance by fine-tuning detection methods and testing them.

If you are not prepared to detect incursions against your systems, your efforts in the identify function, and certainly in the protect function, are significantly undermined. An organisation can survive a breach with the right preparation.

Any effort to define a solid respond and recover function within your organisation is reliant upon detecting security events and mobilising your response team.
