The NIST Cybersecurity Framework – The Detect Function

Team Venti has been working on an e-book series based on the National Institute of Standards and Technology (NIST) cybersecurity framework. This framework consists of five functions and includes categories within each. We have associated each of the categories that fall within the high-level functions to Microsoft technologies services to help mitigate risk and provide guidance for your environment.

In part one, we emphasized the importance of identifying and adhering to a process, as opposed to allowing security products to drive IT decision making. The categories touched upon in this volume are asset management, business environment, governance, risk assessment, risk management strategy, and supply chain risk management.

In the second part of this series, we have dived into the second function of the NIST CSF framework: Protect. The categories touched upon in this section are access control, data security, information protection processes and procedures, and maintenance

Now, we are launching part 3 of this series, which consists in the Detect function of the NIST framework. In this volume we recognize the possibility of an organization having successful cyberattacks and being able to detect and mitigate beforehand, rather than reacting at the moment. We delved into this function through a case study analysis.

Download the e-book and learn about the categories within the Detect Function of the NIST framework, which are:

• Anomalies and events
• Continuous monitoring
• Detection processes