As security leaders gain increasing responsibility for cybersecurity, Security columnist Steven Chabinsky – General Counsel and Chief Risk Officer for CrowdStrike and former Deputy Assistant Director of the FBI’s Cyber Division – guides enterprise security executives through cybersecurity standards, frameworks, risks and management techniques.
Starting last August, we began the current series of articles to provide our readers with a deep dive into the NIST Framework and its approach to Identify, Protect, Detect, Respond to and Recover from cybersecurity incidents.
This is the second in a recurring series that explores the cybersecurity principles and best practices found within the National Institute of Standards & Technology Cybersecurity Framework. You may recall from last month’s column that NIST organizes cybersecurity risk management into five high-level functions: Identify, Protect, Detect, Respond and Recover.
Schools, businesses and enterprises across the world have experienced a paradigm shift since the terrorist attacks on Paris and Belgium. As active shooters and terrorists get more creative in choosing and evaluating softer targets, security leaders are striving to keep their enterprises safe and alert without damaging the culture.