The Identify Function
Assists in developing an organizational understanding to managing cybersecurity risk to systems, people, assets, data, and capabilities.
Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs.
The Protect Function
Outlines appropriate safeguards to ensure delivery of critical infrastructure services.
The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event. This includes both technical controls and protections, as well as organizational policies and procedures.
The Detect Function
Defines the appropriate activities to identify the occurrence of a cybersecurity event.
The Detect Function enables timely discovery of cybersecurity events. The importance of active defense and early detection could mean the difference between stopping an attack at the source or not knowing about an attack until it is too late.
The Respond Function
Includes appropriate activities to take action regarding a detected cybersecurity incident.
The Respond Function supports the ability to contain the impact of a potential cybersecurity incident. Responding to an incident requires a great deal of preparation and planning before an incident happens.
ProStratus encourages organizations to plan for an event and hope one never happens, rather than ignore the potential impact of a cyberattack.
The Recover Function
Identifies appropriate activities to maintain plans for resilience and to restore any capabilities, data or services that were impaired or destroyed due to a cybersecurity incident.
The Recover Function supports timely recovery to normal operations to reduce the impact from a cybersecurity incident. ProStratus believes that no matter how secure an organization is, it is only a matter of “when” and not “if” a cyberattack will happen.
Having a robust and responsive recovery plan will be key in being able to maintain operations during and after such an attack.