WHITE PAPER


The NIST Cybersecurity Framework and DDI

The U.S. National Institute of Standards and Technology (NIST) has published a cybersecurity framework that has become the de facto security implementation standard not only for the U.S. government but for organizations worldwide. The NIST Cybersecurity Framework (CSF) defines a common lexicon for documenting and communicating security requirements and the level at which they are implemented. In addition, the framework enables an organization to identify risks and to prioritize their mitigation with respect to business priorities and available resources.

NIST’s CSF seeks to facilitate communication, both within an organization and with outside parties, when conveying security goals, maturity status, improvement plans and risks. The CSF specifies a Framework Core, which defines security activities and desired outcomes across five major functions (Identify, Protect, Detect, Respond, and Recover). The Framework Profile enables an organization to assess its current and desired security outcomes across these functions, and the Implementation Tiers convey the organization’s maturity level of security implementation.

In alignment with the defense-in-depth approach recommended by the CSF, this white paper discusses the use of a DDI (DNS, DHCP and IP address management) layer and defines a set of controls within the NIST CSF Core for you to consider in order to strengthen your DDI defenses and overall cybersecurity posture. The defense-in-depth approach strengthens an organization’s ability to absorb certain incidents and to respond and recover quickly. Beyond the broad device and in-band network defense layers, a services defense layer that incorporates DDI and the related network services it depends on can add valuable insight into security events and additional means of mitigating them.