The NIST Cyber Security Framework (CSF) has 5 primary functions: Identify, Protect, Detect, Respond and Recover.
Once identified and protected, your assets need to be monitored to detect incursions against your defences. The detect function requires that you develop, maintain and implement the appropriate activities which identify the occurrence of a cyber security event in a timely manner.
Categories within this Function include:
• Anomalies & Events: Your activities and systems will detect unusual activity as soon as possible; the impact of events is understood by the relevant people in your organisation
• Security & Continuous Monitoring: You monitor your information system and business environment at appropriate specified intervals to identify cyber events in your organisation
• Detection Processes: Procedures and processes for detection are implemented and tested to ensure timely visibility of cyber events
The detect function is a critical step in the NIST CSF cycle after establishing solid identify and protect platforms. Rapid detection of cyber security events will enable mitigation of the effects:
• Anomalies & Events: Collect and analyse data from multiple points to detect an event
• Security & Continuous Monitoring: Monitor your assets 24/7 or outsource
• Detection Processes: Identify a breach as soon as possible and follow disclosure requirements as required; you should be able to detect inappropriate access to your system
Detecting a breach or cyber security event is essential. Give your organisation the best possible chance by fine-tuning detection methods and testing them.
If you are not prepared to detect incursions against your systems, your efforts in the identify function, and certainly in the protect function, are significantly undermined. An organisation can survive a breach with the right preparation.
Any effort to define a solid respond and recover function within your organisation is reliant upon detecting security events and mobilising your response team.