Daniel Clayton, Vice President of Cybersecurity Operations at Expel, discusses how a detailed cybersecurity framework can increase industry resiliency.
Cybersecurity resiliency is the foundation of organizational resilience and business continuity. The threat landscape is evolving by the day, creating new challenges and complexities for both businesses and individuals.
As organizations strive to protect their digital assets and reduce risk, the need for a comprehensive cybersecurity framework has never been greater.
Against this backdrop, frameworks, guidance and regulatory mandates play a pivotal role in shaping cybersecurity practices and promoting resilience. From the evolution of well-known frameworks such as the National Institute of Standards and Technology's (NIST) Cybersecurity Framework (CSF) to organizations such as the National Cyber Security Center (NCSC) and regulatory initiatives such as the Digital Operational Resilience Act (DORA). ), the cybersecurity community is witnessing government agencies around the world working together to address emerging threats and strengthen cyber defenses.
Here are some examples of how frameworks and guidance are actively helping to make the cyber industry more resilient.
Evolving cybersecurity framework
Recent evolutions in cybersecurity frameworks, represented by NIST CSF 2.0, represent significant improvements in addressing the complex challenges of modern cybersecurity.
Since its first revision in 2014, the NIST CSF has provided organizations with a structured approach to cybersecurity, dividing key principles into easy-to-understand functional areas: identify, protect, detect, respond, and recover. With the release of CSF 2.0 in 2024, NIST has refined and expanded its guidance to add “Governance” as a functional area to align with evolving threats and organizational needs.
The introduction of governance capabilities is a notable enhancement, highlighting the importance of evidence and verification in cybersecurity frameworks. This addition enables organizations to establish robust policies and procedures to ensure compliance and a minimum level of resiliency across many critical aspects of cybersecurity operations.
Additionally, CSF 2.0 provides customized resources and implementation examples to help organizations customize their cybersecurity approach based on industry-specific requirements and operational priorities.
From identifying vulnerable critical assets to protecting against emerging threats and enhancing incident response capabilities, a cybersecurity framework provides a comprehensive roadmap for organizations to effectively address the complexity of cybersecurity. (Expel's toolkit to help you assess your company's cybersecurity posture can be found here).
Customized guidance to increase operational resilience
In today's interconnected digital environment, operational resiliency is paramount, especially as organizations increasingly rely on cloud technologies and operational technology (OT) solutions. Tailored guidance from bodies like the NCSC provides practical insights and recommendations to close critical gaps, strengthen resilience and reduce risk.
For example, organizations moving critical systems to cloud environments face unique challenges. NCSC's guidance on cloud-hosted supervisory control and data acquisition (SCADA) systems provides insight into risk assessment, technology suitability, and organizational readiness. Understanding business drivers, cloud opportunities, and potential risks allows organizations to make informed decisions that align with their operational goals and risk appetite.
Additionally, the NCSC recognizes that small and medium-sized enterprises (SMEs) rely on digital platforms in their daily operations and emphasizes the importance of securing online services. NCSC provides accessible resources and tutorials to help small and medium-sized businesses implement effective cybersecurity frameworks and protect critical functions from pervasive threats such as ransomware attacks and data breaches. .
Harmonized with regulatory obligations
Regulatory obligations currently play a pivotal role in shaping cybersecurity practices, especially in highly controlled sectors such as finance. Our company saw a 5% increase in cyberattacks in the second half of last year, with some of the highest risk malware and identity incidents. (See the complete Expel 2024 threat report here).
Initiatives such as the Digital Operational Resilience Act (DORA) and the Network and Information Systems Directive 2 (NIS2) will help strengthen the cyber resilience of organizations across the EU.
DORA is a landmark regulation designed to strengthen the resilience of financial institutions' digital operations. By harmonizing rules and oversight frameworks, DORA will help streamline ICT risk management, third-party monitoring, incident reporting, and information sharing, especially across the financial sector.
Both DORA and NIS2 recommend that cyber risk management be placed within an organization's strategic framework and treated with the same level of care and attention as other more traditional business risks.
Financial institutions must prioritize proactive risk management and incident response preparedness to effectively mitigate ICT risks. You're more likely to do so if you adhere to any of the principles and requirements of these frameworks.
Strengthen your cybersecurity practices
Collectively, the evolution of cybersecurity frameworks, customized guidance for operational resilience, and regulatory mandates highlight collaborative efforts to strengthen cybersecurity practices globally. Organizations should adopt these efforts to strengthen their cyber defenses and protect themselves from emerging threats.
Compliance and security remain two different standards, but by prioritizing resiliency, collaboration, and compliance, the cybersecurity community can confidently address the evolving threat landscape and secure the digital future of organizations and individuals. can.
