Following the NIST Framework for Improving Critical Infrastructure Cybersecurity, managing the security of information hinges on five security management capabilities:
- Identify: what information needs to be protected and where it is located
- Protect: that information
- Detect: information attacks and other incidents
- Respond: to information attacks and other incidents, especially successful attacks
- Recover: from the incident, returning back to normal operations
The information security management community has begun referring to these capabilities as information resilience: The ability of an organization to continue to provide an acceptable level of performance throughout all phases of the management chain, particularly respond and recover.
Contributed by Citadel Information Group
© Copyright 2017. Citadel Information Group. All Rights Reserved.