The NIST Cyber Security Framework (CSF) has 5 primary functions; Identify, Protect, Detect, Respond and Recover.
Once identified and protected, your assets need to be monitored to detect incursions against your defences. The detect function requires that you develop, maintain and implement the appropriate activities which identify the occurrence of a cyber security event in a timely manner.
Categories within this Function include:
• Anomalies & Events: Your activities and systems will detect unusual activity as soon as possible; the impact of events is understood by the relevant people in your organisation • Security & Continuous Monitoring: You monitor your information system and business environment at appropriate specified intervals to identify cyber events in your organisation • Detection Processes: Procedures and processes for detection are implemented and tested to ensure timely, visibility of cyber events
The detect function is a critical step in the NIST CSF cycle after establishing solid identify and protect platforms. Rapid detection of cyber security events will enable mitigation of the effects:
• Anomalies & Events: Collect and analyse data from multiple points to detect an event • Security & Continuous Monitoring: Monitor your assets 24/7 or outsource • Detection Processes: Identify a breach as soon as possible and follow disclosure requirements as required; you should be able to detect inappropriate access to your system
Detecting a breach or cyber security event is essential. Give your organisation the best possible chance by fine-tuning detection methods and test them.
If you are not prepared to detect incursions against your systems, your efforts in the identify and certainly in the protect function, are significantly undermined. An organisation can survive a breach with the right preparation.
Any effort to define a solid respond and recover function within your organisation is reliant upon detecting security events and mobilising your response team.
To learn more and speak to our expert team, please complete the below and we’ll be in touch:
