Enabling Cyber Resiliency with NIST, Cisco Security, and Splunk


By admin


Cyber resilience is a critical priority for any organization, especially for those within the US Public Sector. The need for this resiliency has never been greater for helping ensure the delivery of their mission and business outcomes.

Cyber resiliency refers to an organization’s ability to prepare for, prevent, respond to, and recover from cyber incidents.

Government agencies and other organizations need a robust cybersecurity framework and effective enterprise tools to achieve this. The NIST Cybersecurity Framework (CSF) 2.0, released in February 2024, coupled with the Cisco Security Portfolio in combination with Splunk, offer a comprehensive approach to enhancing cyber resiliency for government organizations, critical industry players, and digitally dependent organizations. As we like to say, all organizations have infrastructure that’s critical to their mission and business success.

NIST Cybersecurity Framework 2.0: Govern - Identify, Protect, Detect, Respond, Recover

NIST Cybersecurity Framework 2.0 Keys

The National Institute of Standards and Technology (NIST) Cybersecurity Framework 2.0, developed with the input of 100 countries and thousands of experts, provides a structured approach, guidance, implementation examples, and best practices for more effectively managing and mitigating cybersecurity risks. The power of NIST’s Cybersecurity Framework has always been in its ability to help organizations prioritize the adoption of flexible, repeatable, and performance-based approaches to identifying, assessing, and managing cyber risks. In addition, this approach is highly adaptable to all potential critical infrastructure areas, including Information Technology (IT), Operational Technology (OT), Internet of Things (IoT), Industrial Internet of Things (IIoT), Facility-Related Control Systems (FRCS) and Cyber-Physical Systems (CPS). Most importantly, this approach is tailorable to each organization’s capabilities, resources and mission and business needs to better manage their cyber risks.

This ability to align to mission and business requirements within each organization’s risk tolerances has been enhanced in the 2.0 version with the addition of extensive implementation examples that make it easier for organizations to assess and improve their cybersecurity practices and maturity levels. These implementation examples are aligned to the six key functions (see Table 1: NIST Cybersecurity Framework 2.0 Key Function Overview) and 22 supporting categories that are at the core of the framework.

Table 1: NIST Cybersecurity Framework 2.0 Key Function Overview

Cross-Architecture Enterprise Mission Resilience

Critical to ensuring mission and business resiliency is identifying your High-Value Assets (HVAs), those information systems and information that are so critical to an organization that loss of access to these systems or the loss or corruption of this information and/or data would have serious adverse impact to the organization’s ability to perform its mission or conduct business. To optimize enterprise mission resiliency, each organization must understand the dependencies and cross-domain inter-dependencies of these mission-critical assets and processes used in achieving their mission and business success.

Effective enterprise critical infrastructure resiliency requires cross-architecture visibility, orchestration and integration across your enterprise to help ensure successful mission and business outcomes. Cisco’s Security Portfolio and Splunk’s AI-powered observability platform are aligned to deliver these capabilities across the entirety of your HVA systems and processes within your enterprise mission domains.

Delivering Superior Cyber and Operational Resilience

Cisco’s recent acquisition and integration of Splunk not only improves the robustness of our solutions and capabilities for addressing the 11 technical CSF 2.0 categories, but also enhances our ability to deliver the data-informed and data-driven insights that are critical to optimizing the vast majority of the remaining 11 non-technical category policies and actions. Cisco believes that the ability to deliver shared data-based synergies across both technical and non-technical CSF categories enhances both mission-critical resiliency and the ability of each organization to achieve its desired mission and business results.

Cisco’s perspectives on these needed capabilities include:

Better Security

Through more robust Splunk integrations with Cisco Identity Services Engine (ISE), Secure Network Analytics (SNA), Next-Generation Firewalls (NGFW) and the incorporation of Cisco Talos comprehensive threat intelligence into Splunk.

These integrations enable a more holistic security solution for governance, identification, threat prevention and protection, detection, response, recovery and incident investigation for organizations of any size, utilizing cloud, network, and endpoint traffic for unparalleled visibility.

Better Observability

By integrating Splunk’s industry-leading data platform to enhance proactive troubleshooting in our application and infrastructure monitoring, automating and orchestrating solutions seamlessly across on-premises and multi-cloud environments.

This full-stack observability and optimization solution approach improves organizations’ digital experiences across a hybrid multi-cloud environment to enhance mission and business outcomes.

Better Networking

Cisco’s networking assurance capabilities, integrated with Splunk’s data platform, converge networking, security, and observability data into a unified view of network reliability and threat intelligence, helping proactively protect network performance and operations while preventing outages.

These integrations also accelerate the evolution of powerful AI network capabilities to automate, orchestrate, optimize, and protect network performance delivered on our intelligent, resilient, and continually evolving and optimized network infrastructure.

Other Key Cisco / Splunk Integration Benefits

  • Our open and extensible portfolio solutions are tightly integrated, yet loosely coupled, thus supporting multi-vendor environments and protecting existing IT investments, as do our extensive use of, support for, and contributions to open-source efforts such as ClamAV, Snort, OpenTelemetry, Kubernetes, Cilium (eBPF), and more.
  • The integration enables DevOps, AppOps, InfraOps, NetOps, SecOps, and engineering teams to collaborate more effectively with shared data and context across your enterprise domains.
  • Cisco and Splunk’s platform approach helps our clients more effectively integrate and consolidate existing point investments and tools, thus reducing costs, eliminating seams, and delivering greater enterprise resiliency.

The new Cisco looks forward to continuing to help government agencies and other organizations achieve greater cyber and operational resiliency across their mission-critical infrastructure(s).
