NIST Cyber Resilience Framework zur Verbesserung der IKT-Resilienz

5 Funktionen – 360° Abdeckung für Cyber Security & Resilience

Funktionen Kategorien

 Inventar Management (Assest Management) (ID.AM Geschäftsumfeld (Business Environment) (ID.BE)

 Governance (ID.GV)
IDENTIFIZIEREN (ID)  Risikomanagement (Risk Assessment) (ID.RA)
 Risikomanagement Strategie (Risk Management Strategy) (ID.RM)
 Lieferketten Risikomanagement (Supply Chain Risk Management) (ID.SC)

 Zugriffsmanagement und -steuerung (Access Control) (PR.AC)

 Awareness and Training (PR.AT
 Datensicherheit (Data Security) (PR.DS)
SCHÜTZEN (PR)
 Schutz von Daten (Information Protection Processes and Procedures) (PR.IP)
 Maintenance (PR.MA)
 Protective Technology (PR. PT)
Governance

 Vorfälle (Anomalies and Events) (DE.AE)

ERKENNEN (DE)  Überwachung (Security Continuous Monitoring) (DE.CM)
 Detection Processes (DE.DP)

 Response Planning (RS.RP)

 Kommunikation (Communications) (RS.CO)
REAGIEREN (RS)  Analyse (Analysis) (RS.AN)
 Bewältigung (Mitigation) (RS.MI)
 Verbesserungen (Improvements) (RS.IM)

 Wiederherstellungsplanung (Recovery Planning) (RC.RP)

WIDERHERSTELLEN
 Verbesserungen (Improvements) (RC.IM)
(RC)
 Kommunikation (Communications) (RC.CO)

RM Risk Management AG, Security & Risk Consultants, Switzerland 2