This report discusses the NIST Cyber Security Framework and its application, focusing on functional areas, implementation tiers, and profiles. It includes a case study on Riot Games.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running Head: CYBER SECURITY FRAMEWORK CYBER SICURITY Name of the University Name of the Student Author note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1NIST CYBER SECURITY FRAMEWORK AND APPLICATION 2. NIST Cyber Security NIST framework for cybersecurity is a fundamental structure of cybersecurity that is used by the individual or organization as a key to access and point out the security issues that are faced and develop to a “current profile” which properly explains the cyber activities and the outcome the organization is achieving. 2.1. Functional Area The main functional areas in which NIST helps an organization to build up a security firewall and deals will the issues are (Stouffer et al., 2017)- i.Identify ii.Protect iii.Detect iv.Respond v.Recover 2.2. Implementation Tier The Implementationtiresdescribe theefficiencyof a company’scybersecurity program and the deviation from the characteristics proposed framework (Keller, 2017). It consists of four layers- i.Partial Tier. ii.Risk Informed Tier iii.Repeatable Tier
2NIST CYBER SECURITY FRAMEWORK AND APPLICATION iv.Adaptive Tier 2.3. Profiles Profiles define the unique alignment to deal with the results of the core framework which includes- the requirements, risk processed and activities against undesirable outcomes. It is used to improve the cybersecurity structure by comparing the “Target” profile with the “current”. It is the way to optimize the framework to serve the organization in the best way possible. To approach a proper profile an organization is needed to map their security events, objective, and methodologies against the cybersecurity framework, to create the most suitable current state profile. 3.1. Application In this report, the application and practice of a cyber-security program are discussed, depending upon a company- Riot Games, Inc., California, US. 3.1.1. Life Cycle Most of the organization that depends upon IoT services are suffering from the risk of hacking. On the modern approach, MTTD and MTTR are used to deal with those issues where firework points out and kill the threats as early as possible on the life cycle that minimizes the cost of downstream (Ross, 2018). The cyber security life cycle consists of six stages- i.Reconnaissance ii.Initial compromise iii.Command & control iv.Lateral movement v.Target attainment
3NIST CYBER SECURITY FRAMEWORK AND APPLICATION vi.Exfiltration, corruption, and disruption 3.1.2. Framework and Methodologies to manage risks i.RiotGamesisasoftwaredevelopmentcompanythatusestheNIST cybersecurity framework which can detect malware on Riot games server but wasn’t working properly and taking a long time in user end causing a late retaliation of getting hacked of the user (Chikish, Carreras & Garcia, 2019). ii.The company should develop security features by his own or third party to prevent a user from getting hacked for which company is also suffering from cyber-attacks like- DDOs, Fishing, Scam causing face lose and revenue loss of the company. iii.Currently, Riot Games is using RFCs which plays a vital role in designing and guiding of their security framework- AWS Security, OFFICE Security which is the key feature to defend against piracy. 4. Conclusion From the above discussion, it could be concluded that on the era of IoT dependent organization, to keep the flow of business IT companies like Riot Games should develop a way to learn adaptively to deal with the possible threats, for the benefit of both company and consumer. 5. Reference Chikish, Y., CARRERAS, M., & García, J. (2019). eSports: a new era for the sports industry and a new impulse for the research in sports (and) economics?. InSports (and) economics(pp. 477-508). Fundación de las Cajas de Ahorros (FUNCAS). Keller, N. (2017). New to Framework.Framework.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4NIST CYBER SECURITY FRAMEWORK AND APPLICATION Ross,R.S.(2018).RiskManagementFrameworkforInformationSystemsand Organizations: A System Life Cycle Approach for Security and Privacy(No. Special Publication (NIST SP)-800-37rev2). Stouffer, K., Zimmerman, T., Tang, C., Lubell, J., Cichonski, J., & McCarthy, J. (2017).Cybersecurityframeworkmanufacturingprofile(No.NISTInternalor Interagency Report (NISTIR) 8183 (Withdrawn)). National Institute of Standards and Technology.