This blog post was is an excerpt from a recent report created by GovLoop in partnership with Quest. It was written by Catherine Andrews, Senior Director of Editorial and Production Content at GovLoop and features quotes from Quest thought leaders. To download the full report, head here.
The National Institute of Standards and Technology works to promote U.S. innovation and competitiveness by advancing science, standards and related technology through research and development in ways that enhance economic security and improve quality of life. To help the nation address its greatest information security challenges, NIST’s cybersecurity programs seek to enable greater development and application of innovative security technologies. More specifically, NIST provides guidelines for federal, state and local agencies to help them address the nation’s greatest challenges, like cyberthreats.
That’s why, in 2014, the institute developed the NIST Cybersecurity Framework (“CSF”), which was created through collaboration between industry and government. The CSF consists of standards, guidelines and practices to promote the protection of critical infrastructure and improve government security.
“The NIST Cybersecurity Framework is allowing agencies to prioritize the likelihood of different risks happening in an environment,” said Bryan Patton, Principal Strategic Systems Consultant. “You can also see progress by using it over different periods of time. Then your agency can actually see if you’re improving with your security posture, versus some areas maybe where you might need to improve.”
The framework offers five core functions that act as a backbone. According to NIST, “These five functions were selected because they represent the five primary pillars for a successful and holistic cybersecurity program. They aid organizations in easily expressing their management of cybersecurity risk at a high level and enabling risk management decisions.” But the CSF, and its five functions, are only as good as the security and technology solutions an agency has in place to address each of them.
That’s where Quest comes in. “Quest has the solutions and services to help your organization identify, protect, detect, respond and recover, better managing cybersecurity risk,” said Dan Conrad, Quest Federal Chief Technology Officer.
Quest provides leading, tested and proven options for identity management, Microsoft platform management, database and information management, systems management (client, server and cloud), data protection and migration tools for all platforms and endpoints. Agencies can protect critical data and Active Directory configurations with Quest solutions that help assess permissions continuously to identify threats, detect and alert suspicious activity, remediate and mitigate unauthorized actions and investigate and recover from security breaches.
Authored by: Catherine Andrews, Senior Director of Editorial and Production Content for GovLoop