The National Institute of Standards and Technology (NIST) is a federal, non-regulatory agency funded by the United States Department of Commerce. It aims to provide security guidelines, quality standards, and more for various industries. NIST publishes a cybersecurity framework that many organizations adhere to when creating their identity and access management (IAM) or security information and event management (SIEM) frameworks. Why are these guidelines so revered? Let’s take a look.
It is mandatory for government agencies in the U.S., like the FBI, U.S. Department of Agriculture, and National Security Agency, to adhere to NIST guidelines. Because the framework is prepared for vital government organizations, the NIST guidelines are very secure. Even though other organizations aren’t required to follow NIST guidelines, they do so strictly so that their organization can be as secure as possible against the ever-increasing number of cyberthreats.
The NIST cybersecurity framework is divided into five core functions that cover all necessary aspects of cybersecurity, making it a robust and holistic security framework. The five functions are:
- Identify – What processes and assets need protection?
- Protect – What safeguards are available?
- Detect – What techniques can be used to identify incidents?
- Respond – What techniques can be used to contain incidents?
- Recover – What techniques can restore capabilities?
In the context of SIEM, we should be looking at the Protect, Detect, and Respond functions of the NIST framework:
- What security measures should you set up to protect your organization from threats?
- How can you detect threats or unusual incidents when they occur?
- How can you successfully mitigate the threats and avert a disaster?
** Optrics Inc. is an Authorized ManageEngine partner