F5 Recent End-of-Life Announcements: Upgrade to BIG-IP iSeries RecommendedView F5 EOL Products

Close

Cybersecurity Framework

­

The ADAPTURE Cyber Security Program Is Based on The Cybersecurity Framework

With cybersecurity attacks on the rise, the need for holistic standards based security solutions is paramount. Organizations large and small today find themselves battling ever evolving cyber adversaries in the face of shrinking budgets. Deciding how to prioritize cybersecurity spending often becomes a marketing exercise instead of one based upon standards and a sound understanding of cybersecurity risk. With the myriad challenges facing our customers, we understand that the need for a standards based framework is the best way to achieve consistent cybersecurity outcomes.

Developed in response to Executive Order (EO) 13636 “Improving Critical Infrastructure Cybersecurity” of February 2013, the Framework recommends risk management processes that enable organizations to inform and prioritize decisions regarding cybersecurity based on business needs, without additional regulatory requirements. It enables organizations—regardless of sector, size, degree of cybersecurity risk, or cybersecurity sophistication—to apply the principles and effective practices of risk management to improve the security and resilience of critical infrastructure. The Framework is designed to complement, and not replace or limit, an organization’s risk management process and cybersecurity program and has been adopted by ADAPTURE as the basis of its existing Cyber Security Program.

The three main components of the Framework are the Core Functions, Risk Management Scale, and Maturity Profile.

Framework Core
  1. Identify
    Understand how to manage cybersecurity risk for data, assets, systems and capabilities, based on your risk management strategy and your business goals and needs.
  2. Protect
    Safeguard against cybersecurity risks to ensure delivery of critical infrastructure services and to be able to maintain the impact of a cybersecurity event at a minimum.
  3. Detect
    Develop appropriate activities to help discover occurrences of a cybersecurity event in a timely manner.
  4. Respond
    Develop and implement appropriate activities to address and contain the impact from a detected cybersecurity event.
  5. Recover
    Restore impaired capabilities or critical infrastructure services resulting from a cybersecurity event.
Framework Implementation Tiers
  • Partial
    The cybersecurity risk management is mostly reactive or implemented on a case-by-case basis, and there is limited awareness of cybersecurity risk at the organizational level.
  • Risk Informed
    Risk management practices are prioritized based on business objectives at the discretion of management and may not be established organizational-wide.
  • Repeatable
    The organization’s risk management process is established as an organizational-wide policy and is updated regularly based on the changing technology and threat landscape.
  • Adaptive
    Cybersecurity risk management is part of the organizational culture. The organization adapts its cybersecurity practices based on past and current cybersecurity activities to be able to respond to evolving threats in a timely manner.
Framework Profile
  • Current Profile
    Describes the current cybersecurity posture and the outcomes currently achieved.
  • Target Profile
    Describes the target cybersecurity posture by exposing opportunities for improvement in order to reach cybersecurity risk management objectives.
Prioritize & Scope

Define project scope and prioritize areas to be addressed.

Implementation

The ADAPTURE Cyber Security Management program addresses the Cybersecurity Framework (CSF) throughout every facet of the program, as illustrated in the adjacent diagram. At each point in the cycle, we address a corresponding Cybersecurity Framework-centered focus. The ADAPTURE Account Executives, Architects, Consultants, and Engineers are all well versed in the framework and its mapping to the ADAPTURE Project Management process.

The tenets of the Cybersecurity Framework are woven in the culture of ADAPTURE, and the implementation of the framework is based on a continuous-improvement methodology. By following the framework, we’re able to help our customers understand their current risk profile and develop a roadmap for improvement.

Complement your Cybersecurity Needs

Contact ADAPTURE to learn more about the basis of its existing Cyber Security Program.