Cyber Security Tutorial


Functions of Cyber Security

Let's learn about the Cybersecurity Framework's five Functions, the key pillars of a holistic and successful cyber security program. These five functions are the highest level of abstraction in the framework and act as its backbone. This section explains the value of the functions within the framework and builds on the material introduced in the Components of the Framework module. The five functions in the Framework Core are:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

Identify

The Identify function helps an organization develop an understanding of how to manage cyber security risk to people, systems, assets, capabilities, and data. It defines the risks on which an organization must focus, so that it can prioritize its efforts in line with its business needs and risk management strategy. It also identifies the resources that support critical functions in the business context.

Tasks performed by the Identify function in an organization:

  • It identifies the organization's cyber security policies, including the legal rules and regulations the organization needs to follow.
  • It establishes the basic structure of an asset management program within an organization by identifying all the software and physical assets.
  • It identifies the business environment supported by an organization that includes the place of an organization in critical infrastructure and its role in the supply chain.
  • It identifies the organization's risk assessment through risk-responsive activities.
  • It identifies threats to internal and external organizational resources, as well as asset vulnerabilities.
  • It identifies risk management strategies, including establishing risk tolerances.
  • It identifies supply chain risk management in the organization, which includes:
    - Priorities
    - Risk tolerance
    - Constraints
    - Assumptions used to support risk decisions

Protect

The Protect Function in the cyber security framework outlines appropriate safeguards to ensure the delivery of critical infrastructure services. It limits cyber security events and contains their impact.

The Protect function performs the following tasks:

  • Access control and identity management are protected in the organization, covering both remote and physical access.
  • It provides awareness and training that empowers staff, including privileged user and role-based training.
  • Organizational resources are protected through remote maintenance activities.
  • It implements information protection processes and procedures to maintain and manage the protection of assets and information systems.
  • It manages protective technology consistent with organizational procedures, policies, and agreements to ensure the resilience and security of assets and systems.
  • The integrity, confidentiality, and availability of information within the organization are protected by establishing data security protection consistent with the company's risk strategy.

Detect

The Detect Function of the cyber security framework defines the activities that detect the occurrence of a cybersecurity event in a timely manner.

The Detect function performs the following tasks:

  • It detects events and anomalies and determines their potential impact.
  • It monitors cyber security events by implementing continuous security monitoring capabilities, which also verify the effectiveness of protective measures (physical and network activities).
  • It maintains the detection process to provide awareness of strange events.

Respond

The Respond Function defines the appropriate activities for taking action on a detected cybersecurity incident. It records and responds to the impact of a potential cybersecurity incident.

The Respond function performs the following tasks:

  • It implements the response planning process during and after an incident.
  • It manages communication during and after an event with external and internal stakeholders, law enforcement, etc.
  • It performs mitigation activities to prevent an event from expanding and to resolve the incident.
  • It conducts analysis to determine the impact of incidents and ensure an effective response. This analysis also supports recovery activities and includes forensic analysis.
  • It improves the organization's practices by incorporating lessons learned from previous and current response and detection activities.

Recover

The Recover Function in the cyber security framework reduces the impact of a cyber security incident by recovering normal operations in a timely manner and by identifying appropriate activities to maintain plans for resilience. It also restores the services and capabilities that were diminished by a cyber security incident.

The Recover function performs the following tasks:

  • It implements a recovery planning procedure and process in the organization to restore assets and systems affected by cyber security incidents.
  • It reviews existing strategies and applies improvements based on lessons learned.
  • After any cyber security incident, it synchronizes all internal and external communications for the recovery phase.