5 NIST Framework Core Functions are defined below. This is not a blueprint for performing security assessments, but will definitely help with the end result.
1, Identify – With this function you will develop an organizational understanding that will help manage the risk of cybersecurity. This will include management of systems, people, assets, data and capabilities. The activities in the Identify Function are the foundation to effectively use the NIST framework. The idea is to understand and support critical functions and the risks associated with cybersecurity so your practice and focus and prioritize its efforts. This will be consistent with your risk management strategy and your medical practice needs. Examples of outcomes categories for this function are: Asset Management, Business Environment, Governance, Risk Assessment and Risk Management Strategy.
2. Protect – For this function, you will put into place your risk management strategy. You have already identified, now you need to protect your environment. The Protect Function will support your ability to limit or contain the impact of potential cybersecurity attacks or events. Categories for this function include: Identity Management, Awareness Training, Processes and Procedures, Maintenance, and Protective Technology.
3. Detect – With this function, you want to enable timely discovery of cybersecurity events. You will want to develop and implement activities to identify the occurrence of a cybersecurity event. Categories for this function include: Anomalies and Events, Monitoring and the Detection Process.
4. Respond – This is where you will take action in the case of a cybersecurity event. This function will support the ability to contain the impact of a potential attack. Examples of outcome Categories within the Function include: Response Planning, Disaster Recovery Planning, Communications, Analysis, Mitigation and Improvements.
5. Recover – This is what is “in” your disaster recovery plan. You want to develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity attack. This function supports a timely recovery back to normal operations in order to reduce the impact of the cybersecurity attack. Examples of Categories within this Function are: Recovery Planning, Improvements and Communications.