How to align your data security strategy with NIST Cybersecurity Framework 2.0

The NIST Cybersecurity Framework 2.0 has received its first major update since it was first published in 2014. CSF 2.0 has made great improvements to the clarity of each control by listing examples, expanding upon the intention of Protect, and adding a new functional area, Govern.  

The Protect function focuses on two new areas critical to ensuring protection and survivability against today’s evolving cyber threats: platform security and incident resilience. 

Platform security addresses the deployment and management of software to protect their confidentiality, integrity, and availability. This is important as it relates to data because we have seen how the weaknesses in supply chain and unpatched vulnerabilities can be exploited to perpetrate the largest cyber attacks and data theft. 

Incident resilience, a function of Protect, not Recovery, relates to deploying and managing infrastructure architectures that protect asset confidentiality, integrity, availability and organizational resilience particularly in the wake of destructive and disruptive attacks like ransomware. Without active protections, organizations are unable to prevent data theft from cyber attacks and fall back on cumbersome disaster recovery techniques to get systems back online following a cyber incident.  

The Govern functional area addresses the organization’s cybersecurity risk management policy, communications, and monitoring. BrickStor provides critical reporting about the organization’s data, usage, and data security posture. With an understanding of stakeholder expectations and risk tolerance an organization can prioritize cybersecurity activities to make informed decisions about data security expenditures and actions.  

The only effective way to fight cyber threats is to detect them early and maintain critical operations even while under attack. 

The capabilities of RackTop’s BrickStor Security Platform (SP) align perfectly to all the controls that can be implemented with technology to protect data in the areas of Identify, Protect, Detect, Respond, and Recover. It also provides valuable reports, information, and dashboards to inform the Governance areas that require human observation and data to make informed decisions regarding risk, policy, status, and lessons learned. 

BrickStor’s patented active defense technology provides a zero trust architecture with real-time user and file activity analysis. BrickStor can immediately alert and block suspicious and malicious activity while enabling other users and applications to continue to operate and conduct critical organizational functions. 

Where BrickStor SP Satisfies NIST CSF 2.0
NIST CSF 2.0 Functional AreaNumber of Controls Satisfied by BrickStor SP
Identify: Asset Management2
Protect: Identity Management and Access Control2
Protect: Data Security4
Protect: Platform Security (NEW)2
Protect: Incident Resilience (NEW)3
Detect: Continuous Monitoring2
Detect: Adverse Event Analysis3
Respond: Incident Analysis3
Respond: Incident Mitigation1
Recovery: Incident Plan Execution1
Recovery: Communications1

BrickStor satisfies 24 controls across 5 key functional areas to enable organizations to meet the most rigorous tier of risk governance and management for its organization’s cybersecurity target profile. The automation and simplicity of BrickStor enables organizations to be nimble and adaptive to cyber risks and threats related to data, a core asset of the organization. BrickStor’s integrated compliance reports along with configuration drift alerting makes it easy to continuously stay secure and compliant. 

BrickStor addresses the frequently exploited gaps around data security in organizational infrastructure even when they are already using the leading identity, endpoint, network security, and application security. BrickStor works seamlessly to protect data during all three phases of a cyber-attack: before, during, and after. With end-to-end protection, BrickStor reduces risk and improves cyber hygiene ahead of an attack. During an attack, active defense capabilities detect threats and automatically stop data oriented cyber-attacks. After an incident, the system’s incident management workflow makes it easy to document and communicate recovery actions in real time. Automatic incident remediation engine even recommends what files should be removed and what version of a file should be restored from its immutable snapshots. BrickStor reduces the threat window, creates unprecedented cyber resilience, and ensures attack recovery in minutes instead of weeks. 

Contact us to learn how BrickStor maps to latest Cybersecurity Framework 2.0 controls

600 600 RackTop BrickStor Security Platform