NIST Framework Implementation with Digital Guardian

How Digital Guardian’s data protection platform supports compliance across NIST’s 5 core functions

Executive Summary

Developed in response to Executive Order 13636, the NIST Cybersecurity Framework (the “Framework”) was published in February 2014 following a collaborative process between industry, academia and government organizations. The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation’s critical infrastructure, such as bridges and the electric power grid. But the framework has been widely adopted by many types of organizations across the country and around the world. Organizations that have adopted the Framework have found it to be an extremely valuable tool for fostering communications about risk management and cybersecurity amongst organizational stakeholders.

NIST defines the Framework as guidance, intended to be customized by various sectors and individual organizations to best suit their risks, situations, and needs. The Framework is not intended to be implemented as a static compliance checklist but rather a flexible, ongoing process and risk management tool.

The Framework Core’s five “Functions” offer a way to organize cybersecurity risk management activities at their highest levels using words that can be applied across risk management disciplines: Identify, Protect, Detect, Respond, and Recover.

This white paper explains how federal organizations can leverage Fortra™’s Digital Guardian® Data Protection Platform across these five Functions to more effectively implement eight strategic objectives of the Framework.

Reference: https://www.nist.gov/cyberframework

#1: Integrate Enterprise & Cybersecurity Risk Management

Using the Cybersecurity Framework’s Functions (Identify, Protect, Detect, Respond, and Recover) as the basis for risk management dialogs, organizations can raise awareness of cybersecurity and other risks to be managed and facilitate communication among agency stakeholders, including executive leadership.

How the Digital Guardian Platform Can Help

Identify.

Digital Guardian (DG) enables organizations to learn where sensitive data is located, how it flows in the organization, and where that data is at risk. It can provide digital asset management and visibility into business process and workflows. DG incorporates and leverages requirements of various business units, including personnel, InfoTech, and Security. DG recognizes the hard and soft business processes, and provides the ability to organize this information into the Framework across extensive enterprise environments.

#2: Manage Cybersecurity Requirements

Federal organizations can use the Cybersecurity Framework Core Subcategories to align and reconcile cybersecurity requirements applicable to their organizations. This reconciliation of requirements helps to ensure compliance and provides input in prioritizing requirements across the organization using the subcategory outcomes. This capability becomes a means of operationalizing cybersecurity activities and a tool for iterative, dynamic, and prioritized risk management for the agency.

How the Digital Guardian Platform Can Help

Identify.

DG can identify and provide visibility into all user, system and data activities. This information can be used across all domains of security infrastructure to improve and confirm the efficacy of the operational tools.

#3: Integrate & Align Cybersecurity & Acquisition Processes

For acquisitions that present cybersecurity risks, federal organizations can choose to do business only with organizations that meet minimum cybersecurity requirements in their operations and in the products and services they deliver. Cybersecurity Framework Profiles can be used by federal organizations to express technical requirements; offerors can demonstrate how they meet or exceed these requirements.

How the Digital Guardian Platform Can Help

Identify.

Cybersecurity specialists recognize that data, systems and users are frequent targets of cyber criminals and nation-state actors. Digital Guardian provides users with the unique ability to monitor these elements at the point of use. This enables security practitioners to demonstrate and report gaps in security, which gives federal organizations the opportunity to align acquisitions with current risk exposures.

#4: Evaluate Organizational Cybersecurity

Implementation Tiers provide organizations a basis for rationalizing various modes of cybersecurity operations across an organization, based on trade-off analysis of agency business units or specific assets. Gap analysis between the current and Target Implementation Tier will reveal opportunities for prioritizing cybersecurity investments.

How the Digital Guardian Platform Can Help

Identify.

Digital Guardian provides visibility into the work and data flows of business processes, allowing the organization to make strategic decisions on the efficacy of current products in its environment and to incorporate metrics from DG to validate and substantiate current risks and exposures.

#5: Manage the Cybersecurity Program

The core taxonomy of cybersecurity outcomes in Subcategories provides a way to apportion responsibility for these outcomes to organizational business units or individuals. Analysis of the cybersecurity outcomes in the Cybersecurity Framework core also can assist organizations in identifying common and hybrid controls and saving resources.

How the Digital Guardian Platform Can Help

Identify.

Digital Guardian empowers the security administration team and ensures units are held accountable for their respective functions. By organizing and classifying data, DG can facilitate the fact-based decisions required to support a successful cybersecurity framework and increase the clarity of the respective organization’s risk profile.

#6: Maintain A Comprehensive View of Cyber Risk

The Cybersecurity Framework Core can help organizations better organize their accepted risks and the risks they are working to remediate across all systems. This aggregate and comprehensive understanding of risk enables more informed and effective Risk Management Framework (RMF) authorization decisions.

How the Digital Guardian Platform Can Help

Identify.

Digital Guardian allows an agency to correlate gaps and vulnerabilities that are aggregated from Digital Guardian’s endpoint agents and network sensors. Reporting and alerting can be triggered in many ways, including by user, group, or machine. Reporting and analysis across groups of machines provides a comprehensive view to identify both specific and widespread issues.

#7: Report Cybersecurity Risks

The Cybersecurity Framework Core provides a reporting structure and language that aligns to SP 800-53 controls. This alignment enables easy roll-up of control status into a reporting structure that is appropriate to and understandable by the appropriate stakeholders.

How the Digital Guardian Platform Can Help

Identify.

Digital Guardian is aligned with SP 800-53 controls and provides tactical and strategic level reporting for the analyst and security owner. DG provides comprehensive reporting and can also integrate with other third-party reporting and analysis tools for a cohesive security framework. DG’s configurable reporting tools allow maximum flexibility in sharing with other organizations.

#8: Inform the Tailoring Process

Cybersecurity Framework Profiles enable organizations to reconcile mission objectives and cybersecurity requirements into the structure of the Cybersecurity Framework Core. This ability readily translates to the SP 800-53 controls that are most meaningful to the organization.

Profiles can be used to tailor initial SP 800-53 baselines into final baselines, as deployed in the RMF Implementation step.

How the Digital Guardian Platform Can Help

Identify.

Digital Guardian’s strength is providing profiles of visibility and control policies that are aligned with any or all respective business and department units. Each agency has its own priorities and responsibilities, and DG brings visibility into all risk elements and the prioritization of those elements for each organization. The DG solution provides the flexibility and control organizations need to adapt to continuously changing security requirements. Administration of DG is based on roles and responsibilities and provides a separation of duty for individuals’ respective authorization levels.

About Digital Guardian For Federal Organizations

Digital Guardian improves the ability of public-sector security pros to respond with certainty and effectiveness at the speed and scale of threat. Our offerings address the ongoing gap between the threats public organizations face, and the capabilities they need. Our single-agent approach protects sensitive data from both insider and outsider threats, across thousands of desktops and personal devices. And our solutions work with the major security platforms that public organizations already use, supporting a single pane of glass into data security.

Digital Guardian makes it easier to audit, monitor, and report on all end-user activity, regardless of device type; maintain and document compliance with Executive Order 13587; classify, categorize, and persistently tag organizational data; apply specific policy to documents which can prompt, block, and record user activity in real time; and conduct investigative tasks like key logging, file capture, and screen capture.
