Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

How Trustwave Uses the NIST Framework to Inform Strategy and Mitigate Cybersecurity Risk

The National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF) is one of several “gold level” standards used by public and private organizations as the basis for their cybersecurity protocols. It is also the benchmark utilized by Trustwave to protect our clients.

NIST rolled out the CSF in 2014 as a set of guidelines for mitigating organizational cybersecurity risks. NIST designed the Framework to be continuously updated to keep pace with technology, threat trends, and to integrate lessons learned.

Trustwave is a firm believer in the NIST CSF. All of Trustwave’s products and services overlap with at least one of the NIST CSF functionalities that the government agency has stated are core to any proper cybersecurity program. In addition, Trustwave believes the five NIST CSR functions are of significant value to organizations that are relatively immature or new to cybersecurity as it provides a simple lens through which to understand the field and the areas in which the organization is likely to require investment.

The five NIST functions are:

  • Identify - Develop a strong understanding of your key systems and information assets.
  • Protect - Develop and implement appropriate safeguards to prevent or at least contain the impact of a potential cyber security event.
  • Detect - Develop and implement technology and processes for detecting cyber security incidents.
  • Respond - Develop and implement processes for responding to a cyber security incident that occurs.
  • Recover - Develop and implement processes for recovering from a cyber security incident that occurs.

How Trustwave Works Within the NIST Framework

There are two ways to better understand how Trustwave intersects with the NIST CSF priorities. First, by mapping it against Trustwave’s services, which can be visualized below:

Secondly, by comparing it to Trustwave’s product portfolio.

 

As can be seen, Trustwave has all aspects of the NIST CSF covered. 

This is no accident. Trustwave has been deeply involved with NIST in the continuous development of the Framework, and as part of this cooperation, earlier this year, Trustwave submitted its thoughts on how it can be updated and improved.

The new version, dubbed CSF 2.0, follows the initial version adopted in 2014, and then updated in April 2018 when NIST issued CSF 1.1.  

NIST began pulling together what would become CSF 2.0 in February 2022 when it put out a request for information (RFI) to obtain public input on how to improve the Framework, which is formally known as the Framework for Improving Critical Infrastructure Cybersecurity. The RFI contained six areas to explore, along with asking for information on cybersecurity supply chain risk management 

The latest NIST update is not driven by any specific cybersecurity issue, the agency said, but is part of the agency’s planned update to keep the CSF current and ensure that it is aligned with other tools that are commonly used. In addition, the CSF is intended to be a living document that can be refined, improved, and evolve over time. These updates help the Framework keep pace with technology and threat trends, integrate lessons learned, and move best practices to common practice. 

Trustwave and NIST

In response to the RFI, Trustwave, through Trustwave Government Services, forwarded a list of recommendations to help improve the Framework.

These included: 

  • The five functions do not clearly correspond to groups of risk, and a clearer connection between the ISO27001 risk-based approach would be valuable for organizations seeking to use both frameworks (and/or indeed, that are effectively mandated to use both frameworks by different groups of stakeholders).
  • We believe the Framework should add a clear and comprehensive database security program with proactive database security measures that include continuous vulnerability assessment and remediation, database privileged access visibility and control, and continuous database activity monitoring to alert and respond to anomalous database activity.
  • The main challenge organizations currently face from using NIST CSF is the typical marketplace challenge of needing the demand-side and supply-side to agree on an approach. Currently, there are a myriad of certifications and reports requested, such as ISO27001, SOC2, etc. Many organizations are using whatever security framework they see the best commercial returns on, and until greater consistency exists in the market, it will be hard for a single framework to get overall traction.
  • Strengthen vulnerability management posture. Vulnerability management is considered a fundamental security operational process recommended by standards like the NIST and is performed by nearly every industry. There are, however, important differences in the toolsets and what they are designed to do.

 

Latest Trustwave Blogs

Defending Healthcare Databases: Strategies to Safeguard Critical Information

The healthcare sector continues to be a primary target for threat actors, with 2023 seeing a record number of data breaches and compromised records. While successful attacks are inevitable, it’s...

Read More

Trustwave SpiderLabs: Ransomware Gangs Dominate 2024 Education Threat Landscape

The security teams manning the defenses at the higher education and primary school system levels often find themselves being tested by threat actors taking advantage of the sector's inherent cyber...

Read More

LockBit Takedown: Law Enforcement Disrupts Operations, but Ransomware Threats Likely to Persist

The news that US, UK, and other international law enforcement agencies disrupted LockBit is welcome, as stopping any threat group activity is always a positive. The unfortunate aspect is this blow...

Read More