Compare and contrast the following six security frameworks for addressing the cybersecurity risk
Computer Sciences and Information Technology
Cybersecurity risks and threats have been increasing steadily and causing substantial damage, which has led information security professionals and teams to develop different security frameworks to counter them. The cybersecurity frameworks compared here are the NIST Risk Management Framework (RMF), the ISACA IT Risk Management Lifecycle, the CIS Top 20 Security Controls, ISO/IEC 27001/27002, the Payment Card Industry Data Security Standard (PCI DSS), and the HITRUST Common Security Framework (HITRUST CSF). These frameworks differ or overlap in how they operate, which produces differences in how effectively they counter threats and risks (Shackelford et al., 2015). Because of these differences in capability, the frameworks are employed differently across roles, tasks, and responsibilities. In this respect, one framework is more effective than the others, and the frameworks are put to different uses, such as preventing cyber-attacks or reducing the impact after an attack, so an organization needs to adopt the framework that best fits its needs. In short, different cybersecurity frameworks have different strengths and are therefore used differently in terms of roles and responsibilities.
1. Is one framework better (i.e., more effective) than the others?
The six cybersecurity frameworks differ in ways that make each better than the others at countering particular risks and threats. These differences show up as the advantages or disadvantages of each framework when it is used to protect organizations from cyber-attacks, threats, and risks. To establish that one framework is better than another, one needs to examine its functions, its operations, and its advantages in countering general or specific cyber-related threats and risks. Among the six, the best cybersecurity framework is the NIST Risk Management Framework (RMF), because of its functions and benefits in countering cyber-related threats and risks. The RMF treats the specification and selection of security controls for an organizational system as part of an organization-wide information and asset security program that involves the effective management of risk (Ting and Comings, 2010). Risks and threats to an organization are eliminated and averted through operations within the system. Managing organizational risk is a significant part of the organizational information security program, and the RMF gives an effective structure for selecting security controls appropriate to the types of attacks, risks, and threats involved. Under the RMF, persons, assets, and operations within the organization are protected effectively through decisions to adopt the most effective countermeasure, which makes this framework the most appealing of the six. Additionally, the RMF integrates risk and security management into the system development life cycle.
This risk-based approach to eliminating risk, and to specifying and selecting security controls, factors in the applicable laws, regulations, standards, policies, executive orders, and directives so that the approach achieves its goals effectively and efficiently without barriers. Moreover, the RMF operates in defined steps: categorizing the system, selecting the controls, implementing the controls, assessing the controls, authorizing the system, and monitoring the controls. Working through these steps achieves the goals and objectives systematically. Therefore, the RMF can be effectively adopted by different organizations to eliminate and neutralize cybersecurity risks and threats.
2. Would the implementation of any of the frameworks have prevented a recent cyber-attack in the news?
Cybersecurity frameworks need to be adopted to prevent attacks, risks, and threats in organizations. In recent years, cyber-attacks have succeeded and adversely affected their victims, so effective cybersecurity frameworks need to be adopted to prevent such risks in the future. For instance, the American Medical Collection Agency (AMCA), a billing service vendor for the healthcare industry, reported that it had been exposed to hackers between August and March. The hacking compromised patient data and left many people in uncertainty. Such risks could be prevented by adopting the ISACA IT Risk Management Lifecycle. Under the Risk Management Lifecycle (RML), end-to-end and comprehensive risk protection is applied across all of the organization's processes and functions, which effectively prevents risks and threats (Hersyah & Surendro, 2013). Risks are normal in organizations, and they should be managed by acting on them before they affect business operations. Under the RML, the Risk IT framework is founded on a set of guiding principles for the effective management of risk in the course of normal operations. It offers a comprehensive framework for the control and governance of IT- and business-driven solutions and services. It ensures that risks are identified early, making it possible to govern and manage them in the interest of risk mitigation. Proper risk management is significant to preventing or neutralizing risks, and so ensures that the organization's functions, processes, and operations are safe and protected from risks and threats. Therefore, AMCA needs to adopt the ISACA IT Risk Management Lifecycle to manage risk effectively, ensuring that future risks are mitigated and that its operations and functions are safe and secure.
3. Could they have reduced the impact on organizations?
In the AMCA hacking incident, the organization could have reduced the impact of the attack by adopting an effective cybersecurity framework. In the first place, the incident exposed confidential patient data and left the patients vulnerable. Medical information, social security numbers, financial data, and personal data were exposed and landed in the hands of an unauthorized third party. Additionally, AMCA partners such as Quest Diagnostics, LabCorp, Penobscot Community Health Center, South Texas Dermatopathology, Natera, and Clinical Pathology Laboratories were affected because twelve million records were compromised. As a result, AMCA's parent company filed for bankruptcy, and the partners face lawsuits and investigations. The hacking incident therefore left a devastating impact that could have been prevented had AMCA operated the ISACA IT Risk Management Lifecycle framework. First, the RML framework would have identified the hacking operations in advance, ensuring that effective countermeasures were adopted. This significantly reduces the impact of an attack, to the point that the organization can redeem itself (Carcary, 2013). Consequently, the RML framework would have made it possible to track the attackers and refer them to the relevant law enforcement agencies, so that the compromised data could not be used against any party. Tracking and arresting the hackers would help ensure that the stolen data is retrieved from them, restoring the organization's operations. Additionally, the framework enhances the identification of loopholes and vulnerabilities in the AMCA system and network, eliminating risks and thereby reducing the impact of the attack.
4. Which one would work best for your workplace organization?
The CIS Top 20 Security Controls would be the most effective cybersecurity framework for enhancing the safety and protection of the organization and eliminating risks and threats. The CIS Top 20 has a wide range of functions and therefore covers the different operations involved in eliminating and neutralizing threats and risks to organizational personnel, information, and assets. First, the framework provides continuous vulnerability management to ensure that there are no gaps or loopholes, thus preventing attacks (Shamma, 2018). Vulnerabilities in the system and network are created from time to time and allow threats to materialize; under this control they are consistently found and fixed, making it hard for unauthorized parties to gain illegal access to the system or the network. Next, the framework provides malware defenses, data protection, and boundary defenses to ensure that the organizational system and network are not infiltrated at the organization's expense. Attackers have devised different ways of carrying out attacks, and organizations need to devise countermeasures to eliminate the threats effectively. These defenses ensure that attackers cannot use worms, viruses, and malware against the organization; they are capable of detecting intrusions by malware, viruses, and worms as well as attacks directed at accessing confidential information illegally. Furthermore, the framework incorporates Incident Response and Management (IRM) to ensure that risks and attacks that have already reached the system can be managed and neutralized. IRM reduces the adverse impact of risks by taking control of security incidents so that they are resolved to the advantage of the affected organization.
Conclusion
Different cybersecurity frameworks need to be adopted selectively to address various cybersecurity attacks, threats, and risks. Each framework has characteristics that make it fit to address particular cybersecurity risks and attacks, and different features, advantages, and disadvantages that make it unique in addressing various security issues. Comparing and contrasting the frameworks enables one to decide on the best framework for each case. In this regard, the comparison revealed that the NIST Risk Management Framework (RMF) is the best framework overall. It also showed that the ISACA IT Risk Management Lifecycle would have prevented, or reduced the impact of, the cyber-attack on the American Medical Collection Agency (AMCA) and helped the organization recover from it. Additionally, the comparison showed that the best cybersecurity framework for the workplace organization would be the CIS Top 20 Security Controls, because its range of strategies effectively covers the organization against cyber-attacks, risks, and threats. Therefore, cybersecurity frameworks must be chosen carefully to protect organizational operations and ensure that personnel, information, and assets are safe.
References
Shamma, B. (2018). Implementing CIS Critical Security Controls for Organizations on a Low-Budget (Doctoral dissertation).
Carcary, M. (2013). IT risk management: A capability maturity model perspective. Electronic Journal of Information Systems Assessment, 16(1), 3.
Hersyah, M. H., & Surendro, K. (2013, June). ICT risk management capability dimension for smart education: A two dimensional approach. In International Conference on ICT for Smart Society (pp. 1-5). IEEE.
Shackelford, S. J., Proia, A. A., Martell, B., & Craig, A. N. (2015). Toward a global cybersecurity standard of care: Exploring the implications of the 2014 NIST cybersecurity framework on shaping reasonable national and international cybersecurity practices. Texas International Law Journal, 50, 305.
Ting, W. W., & Comings, D. R. (2010). Information assurance metric for assessing NIST’s monitoring step in the risk management framework. Information Security Journal: A Global Perspective, 19(5), 253-262.
[Figure: The steps of implementing the Risk Management Framework. Retrieved from: https://csrc.nist.gov/projects/risk-management/risk-management-framework-(RMF)-Overview]