Tags: The NIST CyberSecurity Framework, CyberSecurity Awareness Month
Author: Jim Jones
Date: October 10, 2022

The NIST CyberSecurity Framework: Identify

Happy CyberSecurity Awareness Month! In the spirit of cybersecurity and awareness, 11:11 Systems will be taking the month of October to dive into the NIST CyberSecurity Framework, and how it can be used to help protect your business.

In case you missed our introductory post outlining the series, we definitely recommend you take a look. Here’s a brief overview: Essentially, the NIST CyberSecurity Framework (CSF) outlines a strategy to determine your organization’s risks, how to protect against them, and, in the case of an attack, how to respond and recover from them. 

In this post, we’ll discuss the first of the five key framework functions: Identification. While this function is a bit tedious, doing it correctly will form the bedrock of the rest of your information security practices. As a former Systems Administrator at a state government organization, I’ve been through this exercise, and the annual follow-ups of the data, many times.

Talking it Out

While there are defined categories of this step, as we are outlining below, the common theme of this function should be COMMUNICATION. Let’s be honest, even as the SysAdmin of the smallest shop, you aren’t going to know every way in which your users are using technology. It could be anything from your organization’s Microsoft 365 subscription to the USB key that an accountant is using to take spreadsheets home at night. With the rise of cloud-based SaaS, the threat vector is growing by the minute.

For this reason, your “Identification” exercise needs to begin with data gathering from the stakeholders within your business. This may range from something as simple as asking managers to outline what applications their reports are using and where the data is stored, to leveraging automated security scanning and monitoring services such as 11:11 Continuous Risk Scanning to detect security vectors you didn’t know were there.

Most likely, your organization’s answer is going to be C: “All of the Above.” And this is where 11:11 can help. By working with you, we can help you identify what systems are your largest risks and start you on the path towards protecting them.

Identify the Identification Categories

  1. Asset Management: For those of us who have worked in Information Technology/Security, we all know the first step of fixing any problem: taking inventory. In this case, we need to talk about setting the groundwork for modern Asset Management. This isn’t just tracking the serial numbers and warranty expiration of your field laptops anymore. Instead, we must be concerned with knowing everywhere our data, personnel, systems, and facilities are. This can still absolutely be the salesperson’s laptop, but it can equally be a partner SaaS application or an IoT sensor in a corn field. We may not necessarily rate all of those things as equal, but we do need to know that they all exist. This is what the Asset Management category is for.
  2. Business Environment: I’ve always been a fan of the idea that the more your IT department understands your business, the better they can serve your needs. That is exactly what this step is about. To fully understand your business environment, you need to understand your organization’s mission and objectives and, of course, who the stakeholders are. This also must include knowing what activities are prioritized within the organization. While things like email are important, where does that rate compared to Line of Business applications or payroll?
  3. Governance: Before we can go about protecting our data and systems, we must understand what guardrails are already in place. This is where policies and procedures come in. As part of identifying your footing, you must look at things like Computer Use and Abuse policies to make sure you are in line with your needs for internal risks, and Privacy Policies to know what is allowable in terms of storing personal data of stakeholders. These and other policies should be living documents that evolve with your business and technology over time, but always serve as the guides towards how you manage data.
  4. Risk Assessment: Here is where we really start to get into the continuous lifecycle of the NIST CSF. The word “identify” may feel like a “do this once” type of task, but the reality is there are new risks to your company and its security emerging every day. Risks can be everything from the USB key mentioned earlier to a version of OpenSSH being vulnerable to a 0-day exploit. Staying on top of this in a modern organization takes more than an anti-virus system; it takes a layered approach leveraging multiple monitoring and automated response systems. These systems can easily become too much for even a large IT team, so you may want to consider a Managed Security platform that consolidates this information into meaningful alerting and can even assist with response.
  5. Risk Management Strategy: You now know what you have, why you have it, what guidelines your organization utilizes, and what your risk baseline looks like. Now we have to take all of that data and develop a strategy based on the priorities, constraints, and risks you’ve identified.

  6. Supply Chain Risk Management: The final category of the “Identify” function is to look at your own supply chain. While often overlooked, your supply chain can introduce a great deal of risk into your organization’s CyberSecurity posture. This step includes understanding where all of your critical consumables come from, what kind of contracts are in use with them, what the terms of those contracts are, and what kind of disaster recovery plans those suppliers provide. You can secure your systems and business all you want, but if a SaaS provider has weak security controls, you have now potentially opened yourself up to new risk.

Conclusion

As you’ll be learning through the course of this blog series, the NIST CyberSecurity Framework should provide a set of thought exercises that are constantly changing and evolving with your business and the InfoSec landscape around it. In the “Identify” function you should consider looking at all facets of your business to fully understand what your business is, what its risks are, and how to begin to strategize managing those risks. While this seems like a Herculean task for organizations of all shapes and sizes, here at 11:11 Systems we have decades of experience in assisting you through these exercises and can help provide the tools and expertise to complete this successfully.

Categories: Cybercrime, Ransomware, Security

Author: Jim Jones

Jim Jones is a Senior Product Infrastructure Architect on 11:11 Systems' Product Innovation team. He has more than 20 years of experience working as a SysAdmin in the SMB and Service Provider space. Jim has certifications from Cisco Systems, Cohesity, Veeam, and VMware. He is also a member of Cisco Champions, Veeam Vanguard, and VMware vExpert programs. You can follow him online on most platforms as k00laidIT. Jim's personal blog is https://koolaid.info.
