More Tools and Tips on the NIST Cybersecurity Framework
Here are several useful resources to explore along the NIST categories of Identify, Protect, Detect, Respond and Recover.
Identify
This domain pertains to understanding your cybersecurity risks, including their business context and your available resources.
For organizations that would like more comprehensive services, Rockwell Automation offers network asset identification and scanning, along with ongoing asset inventory monitoring to help identify security risks on an ongoing basis. Learn more.
Protect
This domain focuses on developing and implementing safeguards such as data security, identity management and access controls, the right architecture, product security and more, including such needs as staff awareness and training.
Detect
In this function, continuous monitoring processes are implemented to detect cybersecurity incidents.
- Cybersecurity hygiene assessments. A list of free services, such as vulnerability scanning, phishing testing, and penetration testing, offered by CISA to Critical Infrastructure organizations.
- Defense-in-depth overview. Although developed for the nuclear sector by CISA, this infographic has quick insights applicable across the board.
- SOC buyers guide. For organizations considering outsourcing their security operations center, this NCSC guide provides an in-depth SOC overview and tips.
For organizations that would like more comprehensive services, Rockwell Automation offers anomaly and threat detection services, as well as strategic partnerships with global providers like Claroty and Cisco. Learn more.
Respond and Recover
The last two NIST CSF domains focus on taking action during cybersecurity events to stop breach attempts from succeeding and spreading, and then on restoring operations back to normal levels. These categories use attack attempts to improve insight and resilience.
Industry-level Resources
The industry-specific resources below have useful information and advice that any Critical Infrastructure organization can adapt. Here are some examples:
Take action and remain vigilant
Cybersecurity in Critical Infrastructure is evolving quickly. To stay ahead of threats, security leaders need to watch emerging trends, regulatory developments and industry changes on an ongoing basis. One great final set of resources is CISA’s email lists, with options for receiving ongoing news, alerts, tips and more.
Rockwell Automation Industrial Cybersecurity Services
If you’re looking for industrial security expertise and guidance on how to best secure Critical Infrastructure, Rockwell Automation can help. We can assess, design, implement and manage a variety of project-based or ongoing managed services solutions. With a global footprint and 100+ years supporting organizations in the heart of industry, our hands-on-keyboard cybersecurity teams and industrial-strength SOC capabilities will help ensure that your production operations are well protected.
Learn more, then contact us today to schedule an expert consultation.