Interdependency indicator | NIST Cybersecurity Framework description | Example of implementation
Governance and risk management processes address cybersecurity risks
Function: ID (Identify)
Category: ID.GV (Governance)
Subcategory: ID.GV-4 Governance and risk management processes address cybersecurity risks
Informative references
 COBIT 5 EDM03.02, APO12.02, APO12.05, DSS04.02
ISA 62443-2-1:2009 4.2.3.1, 4.2.3.3, 4.2.3.8, 4.2.3.9, 4.2.3.11, 4.3.2.4.3, 4.3.2.6.3
ISO/IEC 27001:2013 Clause 6
NIST SP 800-53 Rev. 4 SA-2, PM-3, PM-7, PM-9, PM-10, PM-11

The policies, procedures, and processes to manage and monitor the organisation’s regulatory, legal, risk, environmental, and operational requirements are understood and inform the management of cybersecurity risk.

Efficient governance and risk management improve decision making and enhance the RTO (recovery time objective).
Recovery strategies are updated
Function: RC (Recover)
Category: RC.IM (Improvements)
Subcategory: RC.IM-2 Recovery strategies are updated
Informative references
 COBIT 5 APO12.06, BAI07.08
ISO/IEC 27001:2013 A.16.1.6, Clause 10
NIST SP 800-53 Rev. 4 CP-2, IR-4, IR-8

Recovery planning and processes are improved by incorporating lessons learned into future activities.

Documentation helps improve the recovery time for similar incidents in the future.
Recovery plan is executed during or after an event
Function: RC (Recover)
Category: RC.RP (Recovery Planning)
Subcategory: RC.RP-1 Recovery plan is executed during or after an event
Informative references
 CIS CSC 10
COBIT 5 APO12.06, DSS02.05, DSS03.04
ISO/IEC 27001:2013 A.16.1.5
NIST SP 800-53 Rev. 4 CP-10, IR-4, IR-8

Recovery processes and procedures are executed and maintained to ensure restoration of systems or assets affected by cybersecurity incidents.

Depending on the impact of the incident, a recovery plan is launched during or after containment.
Recovery activities are communicated to internal stakeholders and executive and management teams
Function: RC (Recover)
Category: RC.CO (Communications)
Subcategory: RC.CO-3 Recovery activities are communicated to internal stakeholders and executive and management teams
Informative references
 COBIT 5 APO12.06
ISO/IEC 27001:2013 Clause 7.4
NIST SP 800-53 Rev. 4 CP-2, IR-4

Restoration activities are coordinated with internal and external parties (e.g. coordinating centers, Internet Service Providers, owners of attacking systems, victims, other CSIRTs, and vendors).

Communication is key in the recovery process.
Recovery plans incorporate lessons learned
Function: RC (Recover)
Category: RC.CO (Communications)
Subcategory: RC.CO-1 Recovery plans incorporate lessons learned
Informative references
 COBIT 5 EDM03.02
ISO/IEC 27001:2013 A.6.1.4, Clause 7.4

Restoration activities are coordinated with internal and external parties (e.g. coordinating centers, Internet Service Providers, owners of attacking systems, victims, other CSIRTs, and vendors).

Lessons learned aim to improve response time and resilience in the future.
