NIST 1.1 Cybersecurity Framework.

NIST 1.1 Cybersecurity Framework.

To be able to implement the various actions necessary for the security of a corporate structure, the National Institute of Standards and Technology (NIST: National Institute of Standards and Technology) has developed a framework entirely dedicated to cybersecurity. Since it is a free and independent tool, it can serve as a basis for each organization wishing to validate its needs in terms of cybersecurity.

Genesis of the NIST project.

Since 1901, the NIST laboratory has worked for the United States government to analyze and propose solutions in the field of industrial competitiveness. This organization was created to counterbalance the great advance of Germany and the United Kingdom at the beginning of the 20th century in the fields of economy and industry.

With its extensive expertise in the area of physical and economic measurement, during the emergence of new technologies, NIST was the ideal candidate for topics dealing with computer security.

The laboratory’s cybersecurity program is based on the fundamental principles of the institution and promotes innovation, research and the study of US competitiveness.

The subject of data and the relationship with the outside is a crucial subject for the governance of the United States. As a result, NIST research focuses on themes such as cyberattacks, new technologies, defense and data preservation methodologies, etc. The laboratory is very often called upon to create standards and establish defense rules for the industry. Collaborations with the main players in the country’s industry are also the responsibility of the laboratory in order to train strategic sectors on the subject of cybersecurity.

A major role in crisis resolution.

With such a wide area of expertise, the American federal laboratory has very often assisted the United States government on sensitive subjects. Following the attack on the two towers of the World Trade Center, the laboratory was approached to analyze the possible causes of the collapse of the twin towers.

Using a computer simulation linking a lot of data, the laboratory’s decision was to present a cause with several factors. The probable reason for the collapse is partly due to the fragility of the load-bearing columns following the damage caused by the impacts.

In any case, this is what the computer simulation revealed after analyzing the scenarios. After this short anecdote, let’s come back to the subject of the NIST framework and its importance in the analysis of a defense strategy.

How the NIST framework works.

The NIST Framework 1.1 is broken down into five so-called fundamental functions for online security. These functions are:

  • Identify 
  • Protect
  • Detect 
  • Respond 
  • Reorganize

These five pillars will make it possible to encompass the main processes to be put in place to secure, as much as possible, an organization using digital technologies. Each of its points is divided into sub-categories, which themselves group together tasks to be carried out.

There are also specific sub-categories offering integration methods and solutions. Obviously each part is accompanied by reference documents and case studies.

The Framework also offers an implementation hierarchy with levels providing companies with a means of situating their skills and actions vis-à-vis the NIST standard.

Finally, the profile section will offer an overview by providing a long-term approach. The projection on a broader horizon favoring the application of new habits to have within the organization.

An interesting database.

To go further, the institution’s website offers a fairly large database dealing with the different areas around cybersecurity. This database, dating back more than 20 years, has the advantage of bearing witness to technological advances and the associated risks since the beginning of the 21st century. It is a veritable goldmine for any cybersecurity enthusiast.

The topics offered are broad and include:

  • Encryption
  • Access control
  • Risk management
  • artificial intelligence
  • Blockchains
  • Hardware
  • Servers

Why use the NIST Framework.

There are several reasons to consider the NIST Framework 1.1. Its use will allow among other things:

  • Understanding the risks associated with new technologies.
  • Prevent and prepare for potential threats.
  • Sensitize all the actors of an organization on the security aspect.
  • Implement a validation of the security of the tools put in place by a company or an individual.

The platform offers free of charge the knowledge and tools necessary to implement an effective strategy in the face of cyber threats.

The NIST 1.1 framework is only intended to present a list of recommendations, and to prevent risks related to IT technologies. Compliance with the advice provided by the institution is the responsibility of the company via a critical self-assessment of its structure. Consequently, its use must be indicative and guide an approach to raising awareness and improving cybersecurity.

Photo Maxime Macé

Maxime Macé

Simple passionné de thématiques diverses et variées. J’apprécie enrichir mes connaissances dans les disciplines techniques comme l’informatique, les sciences et l’ingénierie, mais aussi dans les domaines merveilleux de la philosophie, l’art et la littérature.

Prenons contact

Vous souhaitez me contacter suite à la lecture de cet article ? Merci de renseigner votre adresse électronique et je vous recontacterai dans les plus brefs délais.

CV Ingénieur développeur informatique

CV Étudiant PhD Artificial Intelligence

Portfolio Artist designer