There is a great deal of interest in the NIST CSF and how to apply it within an organization. Cavirin recently hosted a webinar detailing the rationale behind the framework, the suggested implementation process, and most importantly, the actual mapping to specific policies and controls. Here, we detail this third point.
The CSF outlines five major functions – Identify, Protect, Detect, Respond, and Recover. Using Identify as an example, the workflow is as follows:
So, mapping of the CSF to an organization’s environment is first accomplished by selecting the proper reference and control, and then selecting the Target of Evaluation, aka the operating system to which the control applies. In the example above, ‘Ensuring separate partition exists for /tmp’ is one of literally dozens of controls that apply to RHEL7 and within ID-RA-1. The audit and remediation for this is detailed within the CIS Red Hat Enterprise Linux 7 Benchmark, and specifically section 1.1.2.
We detail how this workflow matches the Cavirin Platform implementation, in our new infographic, as well as in a whitepaper available via NIST. Visit https://www.cavirin.com/solutions/nist-support.html to learn more!
