• Watch
  • Listen
  • Live Stream
Security Weekly
Security Market Validation
  • Listeners
    • Subscribe
    • Insider List
    • Suggest a Guest
  • Shows
    • Paul’s Security Weekly
    • Enterprise Security Weekly
    • Business Security Weekly
    • Application Security Weekly
    • Security & Compliance Weekly
    • Security Weekly News
    • Tradecraft Security Weekly
    • Secure Digital Life
  • Series
    • CISO Stories
    • Getting the Real Work Done in Cybersecurity
  • Webcasts/Trainings
    • Registration
    • On-demand
  • Articles
  • Partners
    • Become a Partner
    • Landing Pages
  • Hosts
  • Company
    • About
    • Careers
    • Contact

Articles/ Asset Management/ Configuration Management/ Endpoint Security/ Incident Response/ Intrusion Detection/ Patch Management/ Security Operations/ Threat Hunting/ Threat Intelligence/ Vulnerability Management

How the Best Defense Gets Better

Matt Alderman June 28, 2021

Security starts before detection and response, but many organizations focus there first. Mature security teams understand the importance of identification and protection.  Establishing good cyber hygiene and taking proactive measures to secure themselves against the ever-increasing threat landscape is a critical first step in a holistic security program.  How should organizations build a holistic security program and in what order?

The National Institute of Standards and Technologies (NIST) developed the best guide for building a holistic security program, known as the Cybersecurity Framework (CSF).  The NIST CSF identifies the 5 core domains of a security program:

  • Identify: Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities.
  • Protect: Develop and implement appropriate safeguards to ensure delivery of critical services.
  • Detect: Develop and implement appropriate activities to identify the occurrence of a cybersecurity event.
  • Respond: Develop and implement appropriate activities to take action regarding a detected cybersecurity incident.
  • Recover: Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident.

Notice that Identify and Protect come before Detect and Respond, as this is also the logical order for developing and implementing your security program.  By implementing your best defenses first, you can detect and respond better.

To illustrate this approach, Russell From, Enterprise Services Integration Engineer Lead, at Tanium joined Enterprise Security Weekly to talk through a holistic approach to security using the Tanium platform approach. Commonly thought of as an Operational or Cybersecurity vendor, Tanium has built an integrated platform that covers Identify, Protect, Detect, and Respond that differentiates by being able to both discover issues and take action to resolve issues.

To learn why the best security teams rely heavily on Tanium to get smarter, faster, better in responding to threats and how your organizations can do the same, watch the demo on Enterprise Security Weekly here, register for their upcoming webcast here, or visit securityweekly.com/tanium for more information.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Facebook (Opens in new window)

Related Posts

uptrend line arrows with bar chart in stock market on blue color background

Articles /

Ransomware Damage Claims Driving Insurance Hikes

Picture1

Asset Management /

Web App and API Security Needs to Be Modernized: Here’s How

linux security

Configuration Management /

How to Defend Linux from Attacks

‹ Making the Case for Supply Chain Behavior Transparency › Preventing Criminals from Using Cloud Applications to Inject Chaos Into Work Environments

About Security Weekly

Security Weekly is the security podcast network for the security community, distributing free podcasts and media since 2005. We connect the security industry and the security community through our security market validation programs.

More Than Just A Sponsor

We view our relationships with the security industry as partnerships, not sponsorships. Security Weekly works closely with each partner to help you achieve your marketing goals and gain traction in the security market. Interested in becoming a partner? Please visit our partnerships page.

Back to Top

Subscribe To The Blog:

RSS feed RSS - Posts

Search

Latest Tweets

Tweets by @secweekly
© Security Weekly 2022
Powered by WordPress • Themify WordPress Themes