NIST Protect – video explainer

Friday 30th April 2021

The NIST Cyber Security Framework (CSF) has 5 primary functions; Identify, Protect, Detect, Respond and Recover.

In the protect function we have the following categories: access control, awareness and training, data security, information protection processes and procedures, maintenance and protective technology.

The second function within NIST’s CSF requires security focus on them being able to “develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services”, with the aim of reducing the impact of a cyber security event through best practice and solid data protection policies and process.

The protect function also encompasses the deployment and management of traditional security technology such as anti-virus, firewalls and other network security appliances.

Access control is the category which, by limiting and controlling access to critical systems which are likely to be hosting or providing access to critical data, is called upon to prevent unauthorised access to your data.

Security awareness campaigns and staff training are a critical element of the protect function, tying together the operational enactment of your policies and procedures.

Data security features at the protect stage including activities such as classification, labelling and encryption. Within this category, security stakeholders work to consistently manage data in a way that aligns with the business’s risk strategy and support the confidentiality and integrity of information while also ensuring its availability.

The information protection processes and procedures category involves maintaining and leveraging security policies, processes and procedures to adequately protect critical data and the systems that support it. These policies would have been initially created under the governance category of the identify function. Building upon the activities during that function, this category also calls for the creation and management of plans for incident response, business continuity, incident recovery and disaster recovery, as well as testing for the response and recovery plans in particular. We will see the operational output of this in the respond and recover functions.

The maintenance category defines the “ever-so critical” patching and system fix strategy and operations.

Protective technology is the category which focuses on the technical security solutions, specifically how the technology is documented, how it is implemented and how we audit and log activity, something that is vital for the next function of the NIST CSF – Detect.

To learn more and speak to our expert team, please complete the below and we’ll be in touch:

  • Throughout our business dealings with IP Performance, their expertise, professionalism and “can do” attitude continue to ensure we have the systems we need, when we need them.

    Matt Williams - IT Business Delivery Manager,
    UK Bus, FirstGroup PLC