Combat Ransomware: Cybersecurity Frameworks - Zerto
Blog keyboard_arrow_down keyboard_arrow_up

Managing Cyberthreats to Combat Ransomware Part 3: Cybersecurity Frameworks

October 20, 2022
Ransomware Recovery
Est. Reading Time: 3 minutes

As we continue with our third and final blog in this series on managing cyberthreats, we’ll explore frameworks from the National Institute of Standards & Technology and Center for Internet Security, which together provide time-tested knowledge and best practices used to combat ransomware.

National Institute of Standards & Technology

National Institute of Standards & Technology (NIST) develops cybersecurity standards, guidelines, best practices, and other resources to meet the needs of US industries, federal agencies, and the broader public. NIST produces everything from specific, immediately actionable information to long-term research that anticipates both technology advances and future challenges, such as advanced cyberthreats.

The NIST Cybersecurity Framework 1.1 has five core categories that provide robust cybersecurity and dramatically reduce the risk of a cyberattack:

  1. Identify—Forms the foundation of the framework. These controls develop an organizational understanding for effective management of cybersecurity risk to systems, people, assets, data, and capabilities. When an organization understands the business context, resources that support critical functions, and related cybersecurity risks, it can focus and prioritize its risk management strategy and business needs. These activities include asset management, business environment, governance, risk assessment, and risk management strategy.
  2. Protect—Safeguards delivery of critical services, limiting or containing the impact of a potential cybersecurity event. This covers identity management and access control, awareness and training, data security, information protection processes and procedures, maintenance, and protective technology.
  3. Detect—Identifies cybersecurity events quickly. Detection comprises anomalies and events, security continuous monitoring, and detection processes.
  4. Respond—Takes action after a cybersecurity incident is detected, containing the impact of the incident. Response activities include planning, communications, analysis, mitigation, and improvements.
  5. Recover—Maintains plans for resilience and restores any capabilities or services that were impaired by a cybersecurity incident. The Recover function recovers quickly to normal operations to reduce the impact of a cybersecurity incident. This includes recovery planning, improvements, and communications.

By following each step of the NIST Cybersecurity Framework, you can put your organization in a position to not only respond effectively to cyberthreats, but also proactively mitigate future risk.

The Center for Internet Security’s Critical Security Controls

The Center for Internet Security (CIS) Critical Security Controls is an international volunteer community of individuals and institutions. Their goal is to identify the important real-world cyberattacks that affect enterprises daily, translate that knowledge and experience into positive and constructive action for defenders, and share that information with a wider audience.

The CIS Controls reflect the combined knowledge of experts, companies, and governments representing every part of the ecosystem:

These experts have banded together to create, adopt, and support the CIS Controls. The current version of controls (v8) includes:

  1. Inventory and control of enterprise assets
  2. Inventory and control of software assets
  3. Data protection
  4. Secure configuration of enterprise assets and software
  5. Account management
  6. Access control management
  7. Continuous vulnerability management
  8. Audit log management
  9. Email and Web browser protection
  10. Malware defenses
  11. Data recovery
  12. Network infrastructure management
  13. Network monitoring and defense
  14. Security awareness and skills training
  15. Service provider management
  16. Applications software security
  17. Incident response management
  18. Penetration testing

As a comprehensive pool of volunteer knowledge spanning nearly every realm of business, the CIS Controls provides practical, applicable advice you can use to address everyday cybersecurity concerns.

With the NIST and CIS, we’ve only touched the surface of framework resources available. But both entities provide solid cybersecurity frameworks that organizations can follow for best practices and ever-changing cybersecurity needs.

Zerto: Protect Your Data, and Be Stress-Free about Cyberattacks

To learn more about managing cyberthreats to combat ransomware check out part 1 and part 2 of this blog series and feel free to contact us!

Andrew Silva
Technical Marketing Manager for Competitive Intelligence

Andrew Silva is a seasoned professional in the field of technology and marketing, currently serving as a Technical Marketing Manager for Zerto, a Hewlett Packard Enterprise company. With over a decade of experience in architect and engineering roles, Andrew has established himself as an expert in various domains, including data centers, cloud computing, virtualization, data protection, and security. With a strong focus on customer success, Andrew is committed to helping organizations optimize their technology investments and achieve their business goals. He thrives on the opportunity to educate and empower customers, enabling them to leverage the latest advancements in technology for increased- efficiency, reliability, and security. Outside of work, Andrew cherishes quality time with his family and enjoys the simple pleasures of country living. He embraces the challenges and rewards of maintaining a small hobby farm. And is a passionate professional who combines his technical expertise, marketing acumen, and love for the countryside to make a positive impact in the technology industry.